Microsoft Windows CI CiSetFileCache TOCTOU Security Feature Bypass

Discussion in 'News Aggregator' started by Packet Storm, 22 Nov 2017.

  1. Packet Storm

    Packet Storm Guest

    It is possible to add a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumvention of Device Guard policies and possibly PPL signing levels.

    Continue reading...
     
    #1 Packet Storm, 22 Nov 2017
(You must log in or sign up to post here.)

Share This Page

Loading...