Check Point Uncovers Zero-Day Flaw in Windows, CVE-2024-38112

Check Point Software Technologies has unveiled new information about CVE-2024-38112, a zero-day flaw in Windows that was recently patched as part of this month’s Patch Tuesday release. The vulnerability, which has been exploited in the wild, was discovered by Haifei Li, principal vulnerability researcher at Check Point.

According to Microsoft, the flaw is a spoofing vulnerability in the Windows MSHTML platform, with a CVSS score of 7.5. To exploit the vulnerability, an attacker would need to send a victim a malicious file that the victim would then have to execute.

In a thread on X (formerly Twitter), Li expressed some frustration with Microsoft’s handling of the patch release, stating that the company released the patch earlier than expected without notifying Check Point. However, Microsoft later reached out to Li to address the miscommunication and improve future coordination.

Technical Insights and Threat Actor Activities

Check Point Research published a blog post authored by Li, providing technical details about CVE-2024-38112. The post revealed that threat actors were using malicious Windows Internet Shortcut Files disguised as PDFs to gain remote code execution on victims’ machines.

Although Internet Explorer is no longer officially supported, the presence of its code in the Windows OS allows threat actors to exploit the flaw, even on systems without IE installed. The attacks observed by Check Point involved luring victims into clicking on .url files that would open the retired IE browser and visit an attacker-controlled URL.

While the identities of the threat actors remain unknown, Check Point’s research group manager, Eli Smadja, stated that at least two separate campaigns were likely responsible for the threat activity. One of the threat actors had a history of infostealer infections and targeted users in Turkey and Vietnam.

Overall, the discovery of CVE-2024-38112 highlights the ongoing challenges in cybersecurity and the importance of coordinated disclosure between researchers and vendors to protect users from potential exploits.

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.

How to change screen timeout settings on windows 10?

To change screen timeout settings on Windows 10, follow these steps: 1. Open Settings by pressing Windows key + I. 2. Select 'System' and then choose 'Power & sleep' from the left menu. 3. Under the 'Screen' section, you can set the desired screen timeout duration for when your device is on battery power and when it's plugged in.

How to crop a video on windows 10?

To crop a video on Windows 10, you can use the Photos app: 1. Open the video in the Photos app. 2. Click 'Edit & Create' and select 'Trim' if you only want to cut the video down in length, or 'Create a video with text' and then use the 'Trim' and 'Resize' options. 3. Use the cropping handles to select the area you want to keep. 4. Click 'Save a copy' to save the cropped video.

Update: 10 Jul 2024

Close All Windows download for free to PC or mobile

Latest update Close All Windows download for free for Windows PC or Android mobile

556 reviews

3143 downloads

News and reviews about Close All Windows

10 Jun 2025

Windows 11 Updates Address Security and Enhance Features

Microsoft rolls out mandatory Windows 11 updates, KB5060842 and KB5060999, improving security and introducing new features like cross-device resume in OneDrive, updated search, and an extended System Restore option, adjusting build numbers for versions 24H2 and 23H2.

06 Jun 2025

Windows 11 Challenges and Evolution in Gaming Handhelds

Exploring Windows 11's journey in gaming handhelds amidst past miscues. Microsoft's evolution with new designs and features unfolds, shaping the mobile space.

06 Jun 2025

Microsoft Eases Users Toward Windows 11 as Support for 10 Ends

Microsoft nudges users from Windows 10 to Windows 11 as support ends. The company's campaign plays on security risks of outdated systems, sparking mixed responses.

05 Jun 2025

Microsoft to Allow More Control on Windows in Europe by 2025

The upcoming changes to Windows in Europe, prompted by the Digital Markets Act, will allow users greater control over pre-installed apps and default services, beginning June 2025.

04 Jun 2025

Strategies for an Optimal Windows 11 Upgrade Experience

Explore essential steps to optimize your Windows 11 upgrade, from tweaking the taskbar to enhancing privacy settings.

03 Jun 2025

Windows 11 Introduces New Quick Recovery Features

Windows 11's Recovery settings aim for quick machine recovery, offering enhanced options for troubleshooting and system restoration, particularly aiding IT administrators.

02 Jun 2025

Microsoft Resolves Windows 11 Startup Failures in Virtual PCs

Microsoft releases urgent fixes for Windows 11 startup issues in virtual environments due to missing ACPI.sys file. The updates, now available, underline the challenges in maintaining software security.

02 Jun 2025

Windows 11 Update Enhances Gaming Features and Performance

Windows 11's latest update fixes game bugs, boosts performance, and adds innovative features like Click to Do and Cross Device Resume.

02 Jun 2025

Windows Sends Out Emergency Update After System Errors

Microsoft responds to errors in Windows 11 following update KB5058405, issuing a non-security patch KB5062170 to address recovery issues affecting virtual systems.

02 Jun 2025

Windows Users Face Critical Upgrade Decisions Amid Security Risks

Microsoft urges Windows users to upgrade to Windows 11 as Windows 10 support ends soon, warning of security risks. Asus showcases AI advancements in new PCs.