Microsoft Windows users are under threat from the recently discovered CVE-2024-38112 vulnerability, which is already being actively exploited by cybercriminals. The issue concerns Windows Internet Shortcut files that invoke the now-defunct Internet Explorer (IE) to open attacker-controlled URLs, taking advantage of IE's weaker security on a modern Windows 10/11 system.
Key Details:
Vulnerability Exploited:
- Attackers use Windows Internet Shortcut files to launch IE.
- The exploit then loads a page with a query string of the attackers' choosing, which hands the attackers significant control.
Government Action:
- CISA has added the vulnerability to its database of known vulnerabilities (KSV) and refers to it as KSV number 480536.
- Federal systems are required to be updated or taken out of service by July 30, 2024.
Additional Vulnerabilities:
CVE-2024-38080:
- Involves Microsoft Windows Hyper-V.
- Enables a local attacker to gain SYSTEM privileges, an example of privilege escalation.
Microsoft's July Update:
- Addresses both vulnerabilities.
- Contains a total of 137 patches.
Key Actions for Users:
- Immediate Update: Windows users should apply the latest patch from Microsoft to protect against these exploits.
- Caution with Shortcut Files: Be cautious with Internet Shortcut files and make sure that URLs are opened in modern browsers such as Chrome or Edge.
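One way to act on the shortcut-file caution above, as an added example that is not from the original page or from Microsoft: a small auditor that reads the `URL=` line of each `.url` file and flags any target that is not plain `http`/`https`. The allow-list, the function names and the sample file contents are assumptions made for this illustration.

```python
import sys
from pathlib import Path

# Assumption of this example: a benign Internet Shortcut only needs these schemes.
ALLOWED_SCHEMES = {"http", "https"}

def shortcut_target(text):
    """Return the URL= value from the [InternetShortcut] section, or None."""
    section = ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "internetshortcut" and "=" in line:
            key, value = line.split("=", 1)
            if key.strip().lower() == "url":
                return value.strip()
    return None

def audit_shortcut(text):
    """Return (verdict, target) for the contents of one .url file."""
    target = shortcut_target(text)
    if not target:
        return ("no-target", "")
    scheme = target.split(":", 1)[0].lower() if ":" in target else ""
    if scheme not in ALLOWED_SCHEMES:
        return ("review", target)  # may be handed to something other than the browser
    return ("ok", target)

def scan(root):
    """Audit every .url file under root and return those needing review."""
    findings = []
    for path in Path(root).rglob("*.url"):
        # utf-8-sig drops a leading BOM so the section header still matches
        text = path.read_text(encoding="utf-8-sig", errors="replace")
        verdict, target = audit_shortcut(text)
        if verdict == "review":
            findings.append((str(path), target))
    return findings

# Constructed sample contents, not taken from any real incident.
SAMPLE_OK = "[InternetShortcut]\nURL=https://example.com/report\n"
SAMPLE_ODD = "[InternetShortcut]\nURL=mhtml:http://example.test/doc.html\nIconIndex=0\n"

if __name__ == "__main__":
    for path, target in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"REVIEW {path}: {target}")
```

Run it against a downloads or mail-attachment directory; a flagged file is a prompt for manual review, not proof of compromise.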
Quotes from Experts:
"The author regards the described exploit as rather quite especially. Spotlights the usage of one of the system components that Windows users barely remember." - Eli Smadja
Impact and Future Considerations:
End of Windows 10 Support:
Since Microsoft will no longer support Windows 10 after October 2025, users have to be careful.
Ideally, users should move to newer models so that they continue to receive security patches. The lesson from this case is that outdated software components pose security threats and need frequent updates. Coping with the complexity of current threats requires that systems are always kept up to date, and that is feasible.