Microsoft Windows CiSetFileCache TOCTOU Incomplete Fix

The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumventing Device Guard policies.

MD5 | dd01efee7f81b595a28eb0762c87ef42

Download

Source: packetstormsecurity.com

Exploit Collector

Search Exploit

Microsoft Windows CiSetFileCache TOCTOU Incomplete Fix