Are there known vulnerabilities exist on Windows that are not patched? - Lemmy.world

I only know about CVE-2013-3900 [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900] (WinVerifyTrust) which allows modified files to pass signature check unless you tweak registry to enable patches. I think there must be other instances like this where Microsoft won’t fix vulnerability or chooses insecure defaults, is there a list?