3 articles | last updated: Jul 11 15:06:00
The zero-day flaw in the MSHTML engine allowed attackers to execute malicious code on Windows 10 and 11 systems.
- The vulnerability, CVE-2024-38112, was exploited since January 2023 before being fixed in July 2024.
- Attackers used deceptive PDF-like files to trick users into running harmful scripts.
- The flaw had a severity rating of 7.0 and required user interaction to be exploited.
- Microsoft's patch removes the ability to open malicious URLs in Internet Explorer.
- Check Point researchers were the first to identify and report the vulnerability.
People, Places and Things In This Story
- Microsoft Corporation IT corporation
- Windows 10 Operating system
- Trident Browser engine
- Check Point Software Technologies Software company
- PDF File format
- Internet Explorer Web browser
Categories:
- Technology