What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday?

What is known about the Spoofing - Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday?

What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday? In fact, just that it is being exploited in the wild. There are no write-ups or public exploits yet. The Acknowledgements section in the Microsoft bulletin is empty. It is not clear who reported it and from whom we can expect details.

ZDI suggested that this could be an additional fix for a similar July vulnerability Spoofing – Windows MSHTML Platform (CVE-2024-38112). The vulnerability type and component are the same. The July vulnerability was about “.url” file handling and was exploited by the APT group Void Banshee to install the Atlantida Stealer malware. Attackers may have bypassed the initial fix, prompting Microsoft to release a new patch. So far, this is only an assumption. But the vulnerability shouldn’t be ignored despite its low CVSS Base score (6.5).

На русском

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.