Check Point Uncovers Zero-Day Flaw in Windows, CVE-2024-38112

Check Point Software Technologies has unveiled new information about CVE-2024-38112, a zero-day flaw in Windows that was recently patched as part of this month’s Patch Tuesday release. The vulnerability, which has been exploited in the wild, was discovered by Haifei Li, principal vulnerability researcher at Check Point.

According to Microsoft, the flaw is a spoofing vulnerability in the Windows MSHTML platform, with a CVSS score of 7.5. To exploit the vulnerability, an attacker would need to send a victim a malicious file that the victim would then have to execute.

In a thread on X (formerly Twitter), Li expressed some frustration with Microsoft’s handling of the patch release, stating that the company released the patch earlier than expected without notifying Check Point. However, Microsoft later reached out to Li to address the miscommunication and improve future coordination.

Technical Insights and Threat Actor Activities

Check Point Research published a blog post authored by Li, providing technical details about CVE-2024-38112. The post revealed that threat actors were using malicious Windows Internet Shortcut Files disguised as PDFs to gain remote code execution on victims’ machines.

Although Internet Explorer is no longer officially supported, the presence of its code in the Windows OS allows threat actors to exploit the flaw, even on systems without IE installed. The attacks observed by Check Point involved luring victims into clicking on .url files that would open the retired IE browser and visit an attacker-controlled URL.

While the identities of the threat actors remain unknown, Check Point’s research group manager, Eli Smadja, stated that at least two separate campaigns were likely responsible for the threat activity. One of the threat actors had a history of infostealer infections and targeted users in Turkey and Vietnam.

Overall, the discovery of CVE-2024-38112 highlights the ongoing challenges in cybersecurity and the importance of coordinated disclosure between researchers and vendors to protect users from potential exploits.

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.

How to change screen timeout settings on windows 10?

To change screen timeout settings on Windows 10, follow these steps: 1. Open Settings by pressing Windows key + I. 2. Select 'System' and then choose 'Power & sleep' from the left menu. 3. Under the 'Screen' section, you can set the desired screen timeout duration for when your device is on battery power and when it's plugged in.

How to crop a video on windows 10?

To crop a video on Windows 10, you can use the Photos app: 1. Open the video in the Photos app. 2. Click 'Edit & Create' and select 'Trim' if you only want to cut the video down in length, or 'Create a video with text' and then use the 'Trim' and 'Resize' options. 3. Use the cropping handles to select the area you want to keep. 4. Click 'Save a copy' to save the cropped video.

Update: 10 Jul 2024