The Microsoft Windows WOF filter driver does not correctly handle the reparse point setting which allows for an arbitrary file to be cached signed leading to a bypass of UMCI.
advisories | CVE-2020-17139
Microsoft Windows WOF FSCTL_SET_REPARSE_POINT_EX Cached Signing Level Bypass
