The enlightened lockdown policy check for COM Class instantiation can be bypassed in MSHTML hosts leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).
9712057287ac930a735ce61231cfc9d8ca34030fa8ad189ecf196bc27cdeabe2
© 2022 Packet Storm. All rights reserved.