SmartScreen Prompt Security Feature Bypass Vulnerability
Published: 2024-04-09
Microsoft addresses 147 CVEs in its April 2024 Patch Tuesday release with three critical vulnerabilities and no zero-day or publicly disclosed vulnerabilities.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988
https://www.bleepingcomputer.com/news/microsoft/new-windows-smartscreen-bypass-exploited-as-zero-day-since-march/
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-two-windows-zero-days-exploited-in-malware-attacks/
https://www.zerodayinitiative.com/blog/2025/1/8/zdi-threat-hunting-2024-highlights-trends-amp-challenges
https://www.tenable.com/blog/microsofts-april-2024-patch-tuesday-addresses-147-cves-cve-2024-29988
Source: Mitre, NVD
Updated: 2024-11-29
Known Exploited Vulnerability (KEV)
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Severity: Critical
Base Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: High
EPSS: 0.33151