Primary

Context

Microsoft Windows VBS Enclave Security Feature Bypass Vulnerability

Vulnerability

A security feature bypass vulnerability has been identified in Windows Virtualization-Based Security (VBS) Enclave. This vulnerability arises from insufficient verification of data authenticity, allowing an authorized attacker to locally bypass a security feature. The issue affects multiple Windows versions, including Windows 10 (all editions), Windows 11 (all editions), and Windows Server 2016, 2019, 2022, and 2025. The vulnerability requires high privileges to exploit.

Impact

Exploitation of this vulnerability allows for a local bypass of the Virtualization-Based Security feature.

Remediation

Security updates are available for all affected Windows versions. Users can download these updates through the Microsoft Update Catalog.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

2.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

2.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Windows VBS Enclave Security Feature Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Windows 10

Microsoft Windows Server 2022

Microsoft Windows Server 2019

Microsoft Windows 11

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating