Internet Shortcut Files Security Feature Bypass Vulnerability
Published: 2024-02-13
Microsoft addresses 73 CVEs, including three zero-day vulnerabilities that were exploited in the wild.
https://www.securityweek.com/copy2pwn-zero-day-exploited-to-bypass-windows-protections/
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
https://thehackernews.com/2024/06/darkgate-malware-replaces-autoit-with.html
https://www.infosecurity-magazine.com/news/water-hydras-zero-day-financial/?&web_view=true
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21412
Published: 2024-02-13
Updated: 2024-11-29
Named Vulnerability: Microsoft WindowsNamed Vulnerability: Copy2PwnKnown Exploited Vulnerability (KEV)
Base Score: 9.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N
Severity: High
Base Score: 8.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Severity: High
EPSS: 0.93777