Windows MSHTML zero-day used in malware attacks for over a year

Microsoft has patched a Windows zero-day vulnerability, CVE-2024-38112, that was exploited for 18 months to bypass security features and launch malicious scripts. Discovered by Check Point Research, the flaw allowed threat actors to use Internet Shortcut Files (.url) with the mhtml: URI handler to open URLs in Internet Explorer, downloading HTA files disguised as PDFs. This tactic exploited fewer security warnings in Internet Explorer, leading to the installation of the Atlantida Stealer malware. Microsoft has now fixed the issue by unregistering the mhtml: URI from Internet Explorer, redirecting it to Microsoft Edge instead.

Windows MSHTML zero-day used in malware attacks for over a year

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address

Windows MSHTML zero-day used in malware attacks for over a year

10-July-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address