High severity8.8NVD Advisory· Published Aug 8, 2017· Updated May 13, 2026

CVE-2017-8625

Description

Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability".

Affected products

Microsoft/Internet Explorer
cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*
Microsoft Corporation/Internet Explorerv5
Range: Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625nvdPatchVendor Advisory
posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442nvdExploitThird Party Advisory
www.securityfocus.com/bid/100063nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039112nvdThird Party AdvisoryVDB Entry
oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.056
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000