Today’s VERT Alert addresses Microsoft’s September 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1123 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38217 Windows uses the Mark of the Web (MoTW) to identify files downloaded from the Internet. This is done by setting the NTFS Zone.Identifier alternate Data Stream (ADS). This mark is used to notify users via SmartScreen that they are about to run a potentially dangerous file. This publicly disclosed vulnerability allows malicious files to bypass SmartScreen…
This article has been indexed from Blog RSS Feed