CVE-2024-38217

Name of the Vulnerable Software and Affected Versions Microsoft Windows (affected versions not specified)

Description The issue concerns a security feature bypass vulnerability in the Mark of the Web (MOTW) protection mechanism of Microsoft Windows. This vulnerability can be exploited by an attacker to bypass existing security restrictions. The exploitation involves a specially crafted LNK file that, when opened, allows the attacker to launch untrusted files. The vulnerability has been actively exploited since 2018 and was recently patched by Microsoft.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.