To exploit this vulnerability, an attacker must convince the target (e.g. The vulnerability allows bypassing the security feature (the SmartScreen filter) in Internet shortcut files. CVE-2024-21412 is an Internet Shortcut Files Security Feature Bypass vulnerability that has been classified as important with a CVEv3 score of 8.1. I had already mentioned the vulnerability in the blog post Microsoft Security Update Summary (February 13, 2024). Trend Micro now reports that the APT group Water Hydra is exploiting this Internet Shortcut Files Security Feature Bypass vulnerability CVE-2024-21412 for attacks. Microsoft has provided corresponding patches for the supported Windows versions with the February 2024 security updates to fix this vulnerability. This vulnerability can be used to bypass the SmartScreen in Windows and other products. On 13 February 2024, the Internet Shortcut Files Security Feature Bypass vulnerability CVE-2024-21412 became known.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |