The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumventing Device Guard policies.
8bf899b59331805e3565783c1df52349bae6d10f5374cb34ff520b4495773303