CNNVD-202509-1087 Information
CNNVD ID
CNNVD-202509-1087
Related CVE
- CNNVD Published: 2025-09-08
Description (Chinese)
Microsoft Windows Defender Application Control(WDAC)是美国微软(Microsoft)公司的一款安全工具,通过配置策略从软件层面限制程序运行,以减少黑客可以攻击的范围。 Microsoft Windows Defender Application Control存在安全漏洞,该漏洞源于端点驱动阻止列表未完全同步在线推荐规则,可能导致绕过驱动阻止。
Description (English)
Microsoft Windows Defense Application Control (WDAC) is a United States Microsoft Corporation security tool that limits program operations at the software level through configuration strategies to reduce the reach of hackers. Microsoft Windows Defense Application Control has a security loophole, which stems from end-drive block lists that are not fully synchronized with online recommendation rules and may lead to bypassing the driver.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
微软
Published
2025-09-08
Last Modified
2026-02-24
References
https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules https://github.com/wdormann/applywdac https://access.redhat.com/security/cve/cve-2022-50238
Patch
https://learn.microsoft.com/en-us/hololens/windows-defender-application-control-wdac
Share on: