Bypassing AppLocker Rules in Microsoft Windows Server 2008 R2 and Windows 7

Bypassing AppLocker Rules in Microsoft Windows Server 2008 R2 and Windows 7

CVE-2011-4434 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:P

Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a (1) macro or (2) scripting feature in an application, as demonstrated by Microsoft Office applications and the SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags.

Learn more about our Cis Benchmark Audit For Microsoft Office.