Windows MSHTML zero-day used in malware attacks for over a year
Posted: Sat Nov 09, 2024 12:05 pm
Microsoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while bypassing built-in security features.
The flaw, tracked as CVE-2024-38112, is a high-severity MHTML spoofing issue fixed during the July 2024 Patch Tuesday security updates.
https://www.bleepingcomputer.com/news/s ... er-a-year/
The flaw, tracked as CVE-2024-38112, is a high-severity MHTML spoofing issue fixed during the July 2024 Patch Tuesday security updates.
https://www.bleepingcomputer.com/news/s ... er-a-year/