Microsoft Windows CI CiSetFileCache TOCTOU Security Feature Bypass
Get link
Facebook
Twitter
Pinterest
Email
Other Apps
It is possible to add a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumvention of Device Guard policies and possibly PPL signing levels.