
Zero-day attacks targeting Windows users exploited a vulnerability in both Windows 10 and 11, causing devices to open Internet Explorer. The attacks used malicious Windows Internet Shortcut files (.url) to spoof legitimate files, such as PDFs, and trick users into downloading and launching HTA files, which installed password-stealing malware. The vulnerability, tracked as CVE-2024-38112, resided in the MSHTML engine of Windows and was actively exploited for over a year before being patched by Microsoft.

Attackers exploited the vulnerability for more than a year before it was fixed. Malicious code that exploited it dates back to at least January 2023 and was circulating as recently as May this year. The flaw was present in both Windows 10 and 11 and caused devices to open Internet Explorer, a legacy browser that Microsoft decommissioned in 2022.

The vulnerability resided in the MSHTML engine of Windows and carried a severity rating of 7.0 out of 10.
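
For defenders triaging mail attachments or download folders, the lure described above (a .url shortcut named like a PDF that leads to an HTA file) can be checked statically. The sketch below is an added example, not code from Microsoft or from the original report; the function name, the scheme allowlist, the extension list and the sample files are all assumptions constructed for illustration.

```python
import configparser
from pathlib import PurePosixPath
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumption: the only schemes a shortcut should use
DOC_EXTENSIONS = {".pdf", ".doc", ".docx", ".xls", ".xlsx"}  # assumption: names a lure imitates


def audit_url_shortcut(filename, text):
    """Return a list of findings for one .url file (its name and text content)."""
    parser = configparser.RawConfigParser(strict=False)
    try:
        parser.read_string(text)
        target = parser.get("InternetShortcut", "URL").strip()
        parts = urlsplit(target)
    except (configparser.Error, ValueError):
        return ["unparseable or missing [InternetShortcut] URL"]

    findings = []
    # Explorer hides the .url extension, so "Invoice.pdf.url" is shown as "Invoice.pdf".
    stem = filename[:-4] if filename.lower().endswith(".url") else filename
    if PurePosixPath(stem).suffix.lower() in DOC_EXTENSIONS:
        findings.append("name imitates a document: " + stem)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        findings.append("non-web URL scheme: " + (parts.scheme or "(none)"))
    if PurePosixPath(parts.path).suffix.lower() == ".hta":
        findings.append("target is an HTA file")
    return findings


# Constructed sample shortcuts (not taken from any real campaign).
SAMPLES = {
    "Invoice.pdf.url": "[InternetShortcut]\nURL=https://files.example/invoice.hta\n",
    "Intranet.url": "[InternetShortcut]\nURL=https://intranet.example/home\n",
    "Notes.url": "[InternetShortcut]\nURL=ftp://files.example/notes.txt\n",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, "->", audit_url_shortcut(name, body) or "no findings")
```
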