Dmitrij Lenz

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to April 2024 Patch Tuesday **Description** This issue is a security feature bypass vulnerability affecting the SmartScreen Prompt Security Feature in Microsoft Windows. The vulnerability allows attackers to bypass SmartScreen, potentially delivering malicious software to a target system. Exploitation requires user interaction, such as opening a specially crafted file or clicking a malicious link. Reports indicate that this vulnerability is being actively exploited in the wild, and it is related to CVE-2024-21412, which has been exploited by the Water Hydra APT group. The vulnerability impacts the security of web page shortcut prompts. **Recommendations** Apply the updates released during the April 2024 Patch Tuesday to address this vulnerability.