Loading...
Loading...
Browse all stories on DeepNewz
VisitWill CVSS 9.8 vulnerability be exploited in a high-profile cyberattack by June 2025?
Yes • 50%
No • 50%
Reports from cybersecurity agencies or media outlets confirming high-profile exploitation
CVSS 9.8 Vulnerability Bypasses Windows Driver Signature Enforcement, Allows Unsigned Kernel Drivers
Oct 28, 2024, 12:10 AM
A newly discovered vulnerability allows attackers to bypass Microsoft's Driver Signature Enforcement on fully patched Windows systems, enabling the installation of unsigned kernel drivers. This security flaw, rated CVSS 9.8, compromises the integrity of the operating system's security. The issue, first reported by multiple sources, highlights a significant risk for Windows users, as it can potentially be exploited to install kernel rootkits. This vulnerability adds to a series of recent security concerns, including a critical authentication bypass flaw in the wpDiscuz plugin (CVE-2024-9488) affecting over 80,000 sites, and another critical RCE flaw in VMware vCenter (CVE-2024-38812). Additionally, a vulnerability in the Common Log File System (CLFS) driver allows a local user to gain elevated privileges on Windows 11.
View original story