Windows MSHTML Platform Security Feature Bypass Vulnerability
Key Information
- Vendor
- Microsoft
- Status
- Windows 10 Version 1809
- Windows Server 2019
- Windows Server 2019 (server Core Installation)
- Windows Server 2022
- Vendor
- CVE Published:
- 14 May 2024
Badges
Summary
Windows MSHTML Platform Security Feature Bypass Vulnerability
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2024-30040 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Windows 10 Version 1809 < 10.0.17763.5820
Windows Server 2019 < 10.0.17763.5820
Windows Server 2019 (Server Core installation) < 10.0.17763.5820
News Articles
Telconet CSIRT CVE-2024-30040CVE-2024-30051Microsoft corrige múltiples vulnerabilidades en su Patch Tuesday de mayo 2024 – Telconet CSIRT
Microsoft realiza actualizaciones de seguridad con su Patch Tuesday de mayo del 2024 en el que se aborda un total de 61 fallos de seguridad, que incluyen tres vulnerabilidades Zero Day. En esta edición, se...
1 month ago
Krebs on Security
The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly...
4 months ago
Patch Tuesday, May 2024 Edition
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS…
4 months ago
CVSS V3.1
Timeline
- 👾
Exploit exists.
First article discovered by CrowdStrike
Vulnerability published.
Vulnerability Reserved.