Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
CVE-2024-21351 – Windows SmartScreen Security Feature Bypass Vulnerability, is a security feature bypass vulnerability allows an authorized attacker to send the user a malicious file and after the user to opens it, the attacker could bypass the SmartScreen user experience.
CVE-2024-21412 – Internet Shortcut Files Security Feature Bypass Vulnerability is also a security feature bypass vulnerability that allows an attacker to distribute and install malware by crafting a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.
What You Should Do
If you use any of the programs listed below you should update your systems immediately.
Affected Systems:
.NET, Azure Active Directory, Azure Connected Machine Agent, Azure DevOps, Azure File Sync, Azure Site Recovery, Azure Stack, Internet Shortcut Files, Microsoft ActiveX, Microsoft Azure Kubernetes Service, Microsoft Defender for Endpoint, Microsoft Dynamics, Microsoft Edge (Chromiumbased), Microsoft Exchange Server, Microsoft Office, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Word, Microsoft Teams for Android, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows, Microsoft Windows DNS, Role: DNS Server, Skype for Business, SQL Server, Trusted Compute Base, Windows HyperV, Windows Internet Connection Sharing (ICS), Windows Kernel, Windows LDAP-Lightweight Directory Access Protocol, Windows Message Queuing, Windows OLE, Windows SmartScreen, Windows USB Serial Driver, Windows Win32K ICOMP
If you have questions or need assistance, contact a member of the BMT team.