Hey there, did you know that a Windows MSHTML vulnerability was recently patched after being under attack for over a year? It’s crucial for all vulnerable systems to apply the fix and scan for potential infiltration.
Windows MSHTML Vulnerability Exploit Works Against Windows 10, 11 Alike
According to Check Point Research (CPR), hackers exploited this vulnerability for eighteen months by using a clever trick involving Internet Explorer.
The exploit took advantage of the mhtml trick, which allowed hackers to call Internet Explorer instead of Microsoft Edge. This vulnerability affected both Windows 10 and Windows 11 systems, making them susceptible to the attack.
The attackers used a sneaky method to trick users into opening malicious files disguised as PDFs. By hiding the .url extension and making the files appear harmless, they were able to execute their malware download without raising suspicion.
Microsoft addressed this issue with the July 2024 Patch Tuesday updates after it was reported by Check Point Research. While the patch is now available, it’s still important to exercise caution when opening .url files from unknown sources.
Want to learn more about this attack strategy? Check out the full details in their post.
Microsoft Fixed The Vulnerability with July 2024 Patch Tuesday
After being reported in May 2024, Microsoft swiftly patched the vulnerability as a zero-day issue in their July 2024 updates. Stay vigilant and avoid opening suspicious .url files to protect your system.
We’d love to hear your thoughts on this topic. Share your comments below!
