Primary

Context

Microsoft App Control for Business Security Feature Bypass Vulnerability

Vulnerability

A vulnerability allowing unauthorized attackers to locally bypass security features in App Control for Business (WDAC) has been identified. This issue arises from improper verification of cryptographic signatures, which could enable attackers to spoof signatures and manipulate App Control policies.

Impact

Exploitation of this vulnerability could lead to unauthorized bypass of security features, allowing attackers to manipulate App Control policies by spoofing cryptographic signatures.

Remediation

Users can apply the security updates KB5060842 or KB5060841 to address this vulnerability. These updates are available through the Microsoft Update Catalog.

Added: Jun 10, 2025, 5:56 PM

Updated: Jun 10, 2025, 5:56 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft App Control for Business Security Feature Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating