Zero Day Initiative - CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections
Briefly

The CVE-2024-38213 vulnerability allows threat actors to bypass Windows mark-of-the-web protections, leading to remote code execution via malicious files copied from WebDAV shares.
Investigating how DarkGate operators infected users through copy-and-paste operations led to deeper research into Windows Defender SmartScreen, which uncovered the CVE-2024-38213 exploit.
As threat actors increasingly use WebDAV shares to host malicious payloads, multiple zero-day vulnerabilities have emerged, including CVE-2024-21412 and CVE-2024-36025, putting users of unpatched systems at risk.
The discovery and reporting of CVE-2024-38213 was a direct result of analyzing ongoing malicious activities, prompting improvements in Microsoft’s security measures to protect against such exploits.
Read at Zero Day Initiative