CVE-2024-21412 - Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability

Vulnerability Name

Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability

Description

Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21412

https://nvd.nist.gov/vuln/detail/CVE-2024-21412

Related News Articles

7-Zip fixes bug that bypasses Windows MoTW security warnings, patch nowJanuary 22, 2025

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-DaysAugust 14, 2024

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day ExploitsAugust 14, 2024

New Windows SmartScreen bypass exploited as zero-day since MarchAugust 14, 2024

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza StealersJuly 24, 2024