Microsoft Urges Swift Action on CVE-2024-38112 Vulnerability Patch

26 Jul 2024

Check Point recently uncovered a remote code execution vulnerability, known as CVE-2024-38112, affecting Microsoft Windows users and various versions of Windows Server. The attackers exploited Windows Internet Shortcut files to trigger the retired Internet Explorer to access a URL with a hidden malicious extension under their control. By leveraging Internet Explorer instead of more secure browsers like Chrome or Edge, the threat actors gained an upper hand in compromising the victim’s device.

Deceptive Tactics and High-Severity Vulnerability

The attackers also employed a deceptive tactic where they tricked the victim into thinking they were opening a PDF file, when in reality, they were downloading and running a hazardous .hta application, as noted by the Check Point researchers. This high-severity vulnerability has been added to the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities Catalog with a severity score of 7.5 due to active exploitation. Federal agencies have been instructed to update or shut down all Windows systems by July 30 to mitigate the risk.

Analysis and Urgency

Further analysis reveals that out of approximately 500,000 endpoints running Windows 10 and 11, over 10% lack endpoint protection controls and nearly 9% do not have patch management controls in place. This leaves these organizations vulnerable to potential attacks. Despite Microsoft releasing a patch on July 9, some instances of exploitation of this vulnerability date back more than a year, emphasizing the urgency for organizations to take swift action in securing their systems.

What is microsoft windows desktop?

Microsoft Windows Desktop refers to the graphical user interface provided by Microsoft Windows operating systems. It includes the desktop environment where users can manage files, run applications, and access system settings. The desktop typically features icons, a taskbar, and a start menu for easy navigation. This environment is fundamental to the user experience in Windows, providing a platform for multitasking and interaction with the computer's software and hardware components.

Update: 26 Jul 2024

Discover Microsoft Windows XP download for free to PC or mobile

Latest update Discover Microsoft Windows XP download for free for Windows PC or Android mobile

661 reviews

3936 downloads

News and reviews about Discover Microsoft Windows XP

14 May 2025

Microsoft Identifies Vulnerabilities, Updates Security Measures

Microsoft addressed 72 vulnerabilities, including five zero-day flaws, marking the eighth month without critical classification. Urgent patches respond to active exploitation risks.

25 Apr 2025

Windows Updates Unveil Risks with Inetpub Folder Appearance

Microsoft's recent update has led to security concerns due to the unexpected appearance of the 'inetpub' folder, potentially allowing hackers to exploit Windows systems.

09 Apr 2025

Microsoft's Milestones in Innovation and Computing History

From its 1970s inception to today, Microsoft's journey in computing innovation showcases key products like MS-DOS, Windows, and advancements in AI and cloud technology.

04 Mar 2025

CdkeySales Offers Significant Savings on Microsoft Software

CdkeySales provides major discounts on software keys for Windows 10, Windows 11, and Microsoft Office packages, offering a user-friendly purchasing process.

03 Mar 2025

CISA Identifies New Vulnerabilities Impacting Key Systems

CISA reports new vulnerabilities in Cisco routers and Windows. Agencies are urged to address these security issues by March 2025 to ensure protection.

03 Sep 2024

Mastering Windows 11 Keyboard Shortcuts Boosts Business Efficiency

Mastering keyboard shortcuts in Windows 11 enhances efficiency and transforms tasks into seamless operations. These shortcuts cover basic functions, start menu and taskbar navigation, screenshots, desktop management, and command prompt operations, significantly boosting productivity for users.

13 Aug 2024

CERT-In Warns Windows Users of Vulnerabilities in Multiple Versions

The Indian Computer Emergency Response Team (CERT-In) warns Windows users of vulnerabilities in various versions, including Windows 10, 11, and Server editions. Users should activate firewalls, update antivirus software, and stay informed about updates from Microsoft and CERT-In.

13 Aug 2024

Fortra Identifies Denial of Service Vulnerability in Microsoft Windows Systems

Fortra has discovered a Denial of Service vulnerability in Microsoft Windows, affecting versions 10, 11, and Server 2016, 2019, and 2022. The flaw, CVE-2024-6768, can cause system instability and data loss. Microsoft closed the case in February 2024, citing inability to reproduce the issue.

13 Aug 2024

Microsoft Windows Users Face Issues in India Due to CrowdStrike Update

Microsoft Windows users face issues due to a significant outage from a problematic CrowdStrike update. CERT-In has issued an alert highlighting vulnerabilities that could allow attackers to elevate privileges, particularly affecting systems with VBS and Windows Backup. Users should follow Microsoft's recommendations.

13 Aug 2024

CERT-In Issues Advisory on Microsoft Windows Vulnerabilities

The Indian Computer Emergency Response Team (CERT-In) has warned of vulnerabilities in Microsoft Windows, affecting versions 10, 11, and 12, as well as Windows Server 2016, 2019, and 2022. These medium-severity flaws could allow privilege escalation. Users should update to the latest versions.