vendor:
Windows Defender
by:
Project Zero
7.5
CVSS
HIGH
Security Feature Bypass
287
CWE
Product Name: Windows Defender
Affected Version From: Windows 10 1709 + Antimalware client version 4.12.16299.15
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: o:microsoft:windows
Platforms Tested: Windows
Windows Defender: Controlled Folder Bypass through UNC Path
You can bypass the controlled folder feature in Defender in Windows 10 1709 using a local UNC admin share. By opening the target file for write/delete access through the UNC path, the controlled folders feature can be circumvented.