cve/2017/CVE-2017-8625.md

### [CVE-2017-8625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8625)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen)

### Description

Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability".

### POC

#### Reference
- https://msitpros.com/?p=3909
- https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/
- https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442

#### Github
- https://github.com/0xSojalSec/-cybersecurity-red-team-resource
- https://github.com/0xZipp0/BIBLE
- https://github.com/0xp4nda/Red-team
- https://github.com/301415926/PENTESTING-BIBLE
- https://github.com/84KaliPleXon3/PENTESTING-BIBLE
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AdhamRammadan/CyberRoad
- https://github.com/Ashadowkhan/PENTESTINGBIBLE
- https://github.com/DefensiveThinking/list-infosec-encyclopedia
- https://github.com/Digit4lBytes/RedTeam
- https://github.com/DigitalQuinn/InfosecCompilation
- https://github.com/Fa1c0n35/Awesome-Red-Teaming.
- https://github.com/GoVanguard/list-infosec-encyclopedia
- https://github.com/H4CK3RT3CH/Awesome-Red-Teaming
- https://github.com/Hemanthraju02/Red-team
- https://github.com/HildeTeamTNT/Awesome-Red-Teaming
- https://github.com/Ib-uth/Awesome-Red-Teaming
- https://github.com/ImranTheThirdEye/Awesome-Red-Teaming
- https://github.com/Joao-Paulino/RedTeamTools
- https://github.com/MRNIKO1/Awesome-Red-Teaming
- https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE
- https://github.com/MdTauheedAlam/Red-Teaming-Repo-outdated-
- https://github.com/MedoX71T/PENTESTING-BIBLE
- https://github.com/Mehedi-Babu/red_team_cyber
- https://github.com/Micle5858/PENTESTING-BIBLE
- https://github.com/Mrnmap/RED-TEAM_RES
- https://github.com/NetW0rK1le3r/PENTESTING-BIBLE
- https://github.com/OCEANOFANYTHING/PENTESTING-BIBLE
- https://github.com/Rayyan-appsec/ALL-PENTESTING-BIBLE
- https://github.com/Saidul-M-Khan/Awesome-Red-Teaming
- https://github.com/Saidul-M-Khan/PENTESTING-BIBLE
- https://github.com/Tracehowler/Bible
- https://github.com/aliyavalieva/RedTeam
- https://github.com/ayann01/Codename-Team-Red
- https://github.com/aymankhder/Awsem-Redteam
- https://github.com/aymankhder/PENTESTING-BIBLE2
- https://github.com/bjknbrrr/PENTESTING-BIBLE
- https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
- https://github.com/bohops/UltimateWDACBypassList
- https://github.com/codereveryday/Programming-Hacking-Resources
- https://github.com/cooslaz/Awesome-Red-Teaming
- https://github.com/cwannett/Docs-resources
- https://github.com/dli408097/RedTeam
- https://github.com/dli408097/pentesting-bible
- https://github.com/drg3nz0/Awesome-Red-Teaming
- https://github.com/erSubhashThapa/pentest-bible
- https://github.com/gacontuyenchien1/Security
- https://github.com/geeksniper/Red-teaming-resources
- https://github.com/guzzisec/PENTESTING-BIBLE
- https://github.com/hacker-insider/Hacking
- https://github.com/homjxi0e/CVE-2017-8625_Bypass_UMCI
- https://github.com/i-snoop-4-u/Refs
- https://github.com/iamrajivd/pentest
- https://github.com/imNani4/PENTESTING-BIBLE
- https://github.com/kerk1/Awesome-RedTeaming
- https://github.com/kerk1/Red-Teaming
- https://github.com/lnick2023/nicenice
- https://github.com/maurotedesco/RedTeam
- https://github.com/mishmashclone/yeyintminthuhtut-Awesome-Red-Teaming
- https://github.com/mrhunter7/Awesome-Red-Teaming
- https://github.com/mynameiskaleb/Coder-Everyday-Resource-Pack-
- https://github.com/neonoatmeal/Coder-Everyday-Resource-Pack-
- https://github.com/nitishbadole/PENTESTING-BIBLE
- https://github.com/paulveillard/cybersecurity-red-team
- https://github.com/phant0n/PENTESTING-BIBLE
- https://github.com/pr0code/Awesome-Red-Team
- https://github.com/qaisarafridi/Red-Teaming-
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/readloud/Pentesting-Bible
- https://github.com/ridhopratama29/zimbohack
- https://github.com/souhaiboudiouf/Red-Team-resources
- https://github.com/sreechws/Red_Teaming
- https://github.com/t31m0/Awesome-Red-Teaming
- https://github.com/t31m0/PENTESTING-BIBLE
- https://github.com/vincentfer/PENTESTING-BIBLE-
- https://github.com/whoami-chmod777/Awesome-Red-Teaming
- https://github.com/whoami-chmod777/Pentesting-Bible
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
- https://github.com/yusufazizmustofa/BIBLE
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2017-8625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8625)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen)`

			`### Description`

			`Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability".`

			`### POC`

			`#### Reference`
			`- https://msitpros.com/?p=3909`
			`- https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/`
			`- https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442`

			`#### Github`
			`- https://github.com/0xSojalSec/-cybersecurity-red-team-resource`
			`- https://github.com/0xZipp0/BIBLE`
			`- https://github.com/0xp4nda/Red-team`
			`- https://github.com/301415926/PENTESTING-BIBLE`
			`- https://github.com/84KaliPleXon3/PENTESTING-BIBLE`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/AdhamRammadan/CyberRoad`
			`- https://github.com/Ashadowkhan/PENTESTINGBIBLE`
Update CVE sources 2024-08-30 20:52 2024-08-30 20:52:42 +00:00			`- https://github.com/DefensiveThinking/list-infosec-encyclopedia`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/Digit4lBytes/RedTeam`
			`- https://github.com/DigitalQuinn/InfosecCompilation`
			`- https://github.com/Fa1c0n35/Awesome-Red-Teaming.`
Update CVE sources 2024-06-22 09:37 2024-06-22 09:37:59 +00:00			`- https://github.com/GoVanguard/list-infosec-encyclopedia`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/H4CK3RT3CH/Awesome-Red-Teaming`
			`- https://github.com/Hemanthraju02/Red-team`
			`- https://github.com/HildeTeamTNT/Awesome-Red-Teaming`
			`- https://github.com/Ib-uth/Awesome-Red-Teaming`
			`- https://github.com/ImranTheThirdEye/Awesome-Red-Teaming`
			`- https://github.com/Joao-Paulino/RedTeamTools`
			`- https://github.com/MRNIKO1/Awesome-Red-Teaming`
			`- https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE`
			`- https://github.com/MdTauheedAlam/Red-Teaming-Repo-outdated-`
			`- https://github.com/MedoX71T/PENTESTING-BIBLE`
			`- https://github.com/Mehedi-Babu/red_team_cyber`
			`- https://github.com/Micle5858/PENTESTING-BIBLE`
			`- https://github.com/Mrnmap/RED-TEAM_RES`
			`- https://github.com/NetW0rK1le3r/PENTESTING-BIBLE`
			`- https://github.com/OCEANOFANYTHING/PENTESTING-BIBLE`
			`- https://github.com/Rayyan-appsec/ALL-PENTESTING-BIBLE`
			`- https://github.com/Saidul-M-Khan/Awesome-Red-Teaming`
			`- https://github.com/Saidul-M-Khan/PENTESTING-BIBLE`
			`- https://github.com/Tracehowler/Bible`
			`- https://github.com/aliyavalieva/RedTeam`
			`- https://github.com/ayann01/Codename-Team-Red`
			`- https://github.com/aymankhder/Awsem-Redteam`
			`- https://github.com/aymankhder/PENTESTING-BIBLE2`
			`- https://github.com/bjknbrrr/PENTESTING-BIBLE`
			`- https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE`
			`- https://github.com/bohops/UltimateWDACBypassList`
			`- https://github.com/codereveryday/Programming-Hacking-Resources`
			`- https://github.com/cooslaz/Awesome-Red-Teaming`
			`- https://github.com/cwannett/Docs-resources`
			`- https://github.com/dli408097/RedTeam`
			`- https://github.com/dli408097/pentesting-bible`
			`- https://github.com/drg3nz0/Awesome-Red-Teaming`
			`- https://github.com/erSubhashThapa/pentest-bible`
			`- https://github.com/gacontuyenchien1/Security`
			`- https://github.com/geeksniper/Red-teaming-resources`
			`- https://github.com/guzzisec/PENTESTING-BIBLE`
			`- https://github.com/hacker-insider/Hacking`
			`- https://github.com/homjxi0e/CVE-2017-8625_Bypass_UMCI`
			`- https://github.com/i-snoop-4-u/Refs`
			`- https://github.com/iamrajivd/pentest`
			`- https://github.com/imNani4/PENTESTING-BIBLE`
			`- https://github.com/kerk1/Awesome-RedTeaming`
			`- https://github.com/kerk1/Red-Teaming`
			`- https://github.com/lnick2023/nicenice`
			`- https://github.com/maurotedesco/RedTeam`
			`- https://github.com/mishmashclone/yeyintminthuhtut-Awesome-Red-Teaming`
Update CVE sources 2024-07-25 21:25 2024-07-25 21:25:12 +00:00			`- https://github.com/mrhunter7/Awesome-Red-Teaming`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/mynameiskaleb/Coder-Everyday-Resource-Pack-`
			`- https://github.com/neonoatmeal/Coder-Everyday-Resource-Pack-`
			`- https://github.com/nitishbadole/PENTESTING-BIBLE`
			`- https://github.com/paulveillard/cybersecurity-red-team`
			`- https://github.com/phant0n/PENTESTING-BIBLE`
			`- https://github.com/pr0code/Awesome-Red-Team`
			`- https://github.com/qaisarafridi/Red-Teaming-`
			`- https://github.com/qazbnm456/awesome-cve-poc`
			`- https://github.com/readloud/Pentesting-Bible`
			`- https://github.com/ridhopratama29/zimbohack`
			`- https://github.com/souhaiboudiouf/Red-Team-resources`
			`- https://github.com/sreechws/Red_Teaming`
			`- https://github.com/t31m0/Awesome-Red-Teaming`
			`- https://github.com/t31m0/PENTESTING-BIBLE`
			`- https://github.com/vincentfer/PENTESTING-BIBLE-`
			`- https://github.com/whoami-chmod777/Awesome-Red-Teaming`
			`- https://github.com/whoami-chmod777/Pentesting-Bible`
			`- https://github.com/xbl3/awesome-cve-poc_qazbnm456`
			`- https://github.com/yeyintminthuhtut/Awesome-Red-Teaming`
			`- https://github.com/yusufazizmustofa/BIBLE`