CVE-2024-43573

Windows MSHTML Platform Spoofing Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

Microsoft Windows MSHTML Platform Spoofing Vulnerability

Microsoft Windows MSHTML Platform contains a user interface UI misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112...

CVE-2024-43461

Windows MSHTML Platform Spoofing Vulnerability...

CVE-2024-43461 Windows MSHTML Platform Spoofing Vulnerability

...

CVE-2024-43461 Windows MSHTML Platform Spoofing Vulnerability

...

CVE-2024-43461

CVE-2024-43461 — Windows MSHTML Platform Spoofing Vulnerability : A UI misrepresentation in MSHTML that can be used to spoof a web page. Affected component: Windows MSHTML Platform. Underlying issue is a UI spoofing flaw; CVSSv3.1 score 8.8 ( NETWORK, LOW, NONE, UI: REQUIRED; Confidentiality/Inte...

Windows MSHTML Platform Spoofing Vulnerability

...

KLA73222 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a...

PT-2024-6158

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version Description The issue is related to a Windows MSHTML platform spoofing vulnerability, which allows attackers to execute arbitrary code remotely. This vulnerability has been exploited by the...

KB5043055: Windows Server version 23H2 Security Update (September 2024)

The remote Windows host is missing security update 5043055. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows Remote Desktop Licensing...

Microsoft Windows MSHTML Platform 安全漏洞

Microsoft Windows MSHTML Platform is an application from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows MSHTML Platform. The following products and versions are affected:Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based...

KB5043064: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (September 2024)

The remote Windows host is missing security update 5043064. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability CVE-2024-38240 - Windows TCP/IP Remote...

KB5042881: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (September 2024)

The remote Windows host is missing security update 5042881 or hotpatch update 5042880. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows...

KB5043092: Windows Server 2008 R2 Security Update (September 2024)

The remote Windows host is missing security update 5043092. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows Remote Desktop Licensing...

KB5043050: Windows 10 version 1809 / Windows Server 2019 Security Update (September 2024)

The remote Windows host is missing security update 5043050. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows Remote Desktop Licensing...

KB5043083: Windows 10 LTS 1507 Security Update (September 2024)

The remote Windows host is missing security update 5043083. It is, therefore, affected by multiple vulnerabilities - Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 initial...

CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks

Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been patched...

Attacks, Vulnerabilities and Actors 01 to 07 July 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made substantial advancements in identifying cybersecurity threats. In just the past week, HiveForce Labs detected eleven executed attacks, reported five vulnerabilities, and identified three active...

Patch Tuesday - July 2024

Microsoft is addressing 139 vulnerabilities this July 2024 Patch Tuesday, which is on the high side in terms of typical CVE counts. They’ve also republished details for 4 CVEs issued by other vendors that affect Microsoft products. Microsoft has evidence of in-the-wild exploitation for 2 of the...

Patch Tuesday - July 2024

Microsoft is addressing 139 vulnerabilities this July 2024 Patch Tuesday, which is on the high side in terms of typical CVE counts. They’ve also republished details for 4 CVEs issued by other vendors that affect Microsoft products. Microsoft has evidence of in-the-wild exploitation for 2 of the...