Exploit for External Control of File Name or Path in Microsoft

CVE-2025-33053 POC Exploit Overview The working director...

July “In the Trend of VM” (#17): vulnerabilities in Microsoft Windows and Roundcube

July "In the Trend of VM" 17: vulnerabilities in Microsoft Windows and Roundcube. A traditional monthly roundup. This time, it's a very short one. Post on Habr rus Digest on the PT website rus Only three trending vulnerabilities: Remote Code Execution - Internet Shortcut Files CVE-2025-33053...

About Remote Code Execution – Internet Shortcut Files (CVE-2025-33053) vulnerability

About Remote Code Execution - Internet Shortcut Files CVE-2025-33053 vulnerability. A vulnerability from the June Microsoft Patch Tuesday. This vulnerability immediately showed signs of exploitation in the wild. This flaw allows a remote attacker to execute arbitrary code when a victim opens a...

CVE-2025-33053

External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network...

VulnCheck KEV: CVE-2025-33053

Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files...

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer

An advanced persistent threat APT group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-Ma...

Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability

This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

Microsoft’s February 2024 Patch Tuesday Addresses Two Zero-day Vulnerabilities

Summary: Microsofts February 2024 Patch Tuesday addresses 73 vulnerabilities, including actively exploited zero-days, spanning various products like Office, Exchange Server, and Windows Kernel. Critical flaws in Windows SmartScreenCVE-2024-21351, Internet Shortcut FilesCVE-2024-21412, and Microso...

The vulnerability of the Internet Shortcut Files Security function in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of the Internet Shortcut Files Security function in Windows operating systems is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker, operating remotely, to circumvent existing security restrictions by allowing the user to open ...

Update now! Microsoft fixes two zero-days on February Patch Tuesday

Microsoft has issued patches for 73 security vulnerabilities in its February 2024 Patch Tuesday. Among these vulnerabilities are two zero-days that are reportedly being used in the wild. The two zero-day vulnerabilities have already been added to the Cybersecurity & Infrastructure Security Agency...

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra aka DarkCasino targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails...

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and...

Microsoft Windows Multiple Vulnerabilities (KB5034765)

This host is missing an important security update according to Microsoft KB5034765 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Windows Multiple Vulnerabilities (KB5034766)

This host is missing an important security update according to Microsoft KB5034766 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Patch Tuesday - February 2024

Microsoft is addressing 73 vulnerabilities this February 2024 Patch Tuesday, including two actually, three! zero-day/exploited-in-the-wild vulnerabilities, both of which are already included on the CISA KEV list. Today also brings patches for two critical remote code execution RCE vulnerabilities...

CVE-2024-21412

Internet Shortcut Files Security Feature Bypass Vulnerability...

CVE-2024-21412

Internet Shortcut Files Security Feature Bypass Vulnerability...

Security feature bypass

Internet Shortcut Files Security Feature Bypass Vulnerability...

CVE-2024-21412 Internet Shortcut Files Security Feature Bypass Vulnerability

...

CVE-2024-21412

CVE-2024-21412 is a Windows SmartScreen security feature bypass that lets a downloaded file, marked by the Mark of the Web (MoTW), execute without SmartScreen prompts when dealing with Internet Shortcut files. Connected sources cite in-the-wild activity (Water Hydra) and exploitation via spearphi...