Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-24880
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 14 March 2023
Badges
Summary
Windows SmartScreen Security Feature Bypass Vulnerability
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited and is known by the CISA as enabling ransomware campaigns.
The CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.5786
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.4131
Windows 10 Version 1809 ARM64-based Systems 10.0.0 < 10.0.17763.4131
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
CybersecurityNewsTop 10 Vulnerabilities That Were Exploited the Most In 2023
Some of the vulnerabilities were added to the CISA’s Known Exploited Vulnerabilities catalog marking them as extremely important to patch.
Help Net SecurityMicrosoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880) - Help Net Security
For March 2023 Patch Tuesday Microsoft has fixed 2 vulnerabilities actively exploited in the wild (CVE-2023-23397, CVE-2023-24880).
Exploit for Critical Windows Defender Bypass Goes Public
Exploit for Critical Windows Defender Bypass Goes Public
References
EPSS Score
90% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 📰
First article discovered by Security Boulevard
- 💰
Used in Ransomware
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
Vulnerability Reserved