Question 1

What is CVE-2017-11899?

Accepted Answer

CVE-2017-11899 is a critical-severity software vulnerability with a CVSS score of 9.8. Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka "Microsoft Windows Security Feature By

Question 2

Is CVE-2017-11899 being actively exploited?

Accepted Answer

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 6%.

Question 3

What products does CVE-2017-11899 affect?

Accepted Answer

Tracked products affected include Windows 10, Windows Server 2016. Check the version you run to see whether it is affected.

Question 4

How do I fix CVE-2017-11899?

Accepted Answer

Apply the vendor fix promptly. An official patch or advisory is available. Upgrade affected products to a fixed version.

CVE-2017-11899

Summary

Impact & exploitability

Affected products we track (2)

Recommendation

Additional information