Microsoft has released a temporary fix for vulnerability in its latest operating system, which allows untrusted users to bypass the safeguards in place to run unauthorized applications.
AppLocker allows administrators to restrict the list of applications that can run on computers running Windows 7 and Windows Server 2008. However, end users can easily overcome the limitations by enhancing various automated scripting features, including macros in Microsoft Office. The program flags such as SANDBOX_INERT LOAD_IGNORE_CODE_AUTHZ_LEVEL and can even allow execution of malicious code, hidden in a temporary folder.
On Wednesday, Microsoft posted a hotfix to fix the vulnerability.
“This hotfix is ??likely to pass additional tests,” – reported in the newsletter from Microsoff. ”Therefore, if the problem did not affect you seriously, we recommend you wait for the next software update that contains fixes.”
The newsletter has not specified when the update will be released.