Lucene search
K

256 matches found

Zero Day Initiative
Zero Day Initiative
added 2024/02/13 12:0 a.m.48 views

Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability

This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

8.8CVSS7.3AI score0.95443EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.2 views

PT-2024-1622

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description The issue is related to a security feature bypass vulnerability in the Windows SmartScreen component, which is associated with errors in security settings. Exploitation of this issu...

9CVSS7.3AI score0.30344EPSS
Exploits0References63
CISA KEV Catalog
CISA KEV Catalog
added 2024/02/13 12:0 a.m.55 views

Microsoft Windows SmartScreen Security Feature Bypass Vulnerability

Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both...

7.6CVSS7.5AI score0.30344EPSS
In wildExploits0
The Hacker News
The Hacker News
added 2024/02/05 3:45 a.m.82 views

New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw

The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report...

8.8CVSS9.4AI score0.88196EPSS
Exploits2
HackRead
HackRead
added 2024/02/02 5:59 p.m.16 views

Mispadu Stealer’s New Variant Targets Browser Data of Mexican Users

By Waqas The new variant of Mispadu Stealer was discovered by Palo Alto's Unit 42 researchers while investigating the Windows Defender SmartScreen vulnerability. This is a post from HackRead.com Read the original post: Mispadu Stealers New Variant Targets Browser Data of Mexican Users...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/01/17 9:44 a.m.10 views

Windows SmartScreen Exploit Paves the Way for Phemedrone Stealer

Summary: The Phemedrone stealer malware campaign exploits a vulnerability in Microsoft Defender SmartScreen. Phemedrone, an open-source information-stealing malware written in C, is designed to extract data from web browsers, and cryptocurrency wallets. Threat Level - Red | Attack Report For a...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/16 7:13 a.m.63 views

Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer

Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. "Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord," Tren...

8.8CVSS7AI score0.88196EPSS
Exploits2
HackRead
HackRead
added 2024/01/15 6:55 p.m.11 views

Windows Defender SmartScreen Vulnerability Exploited with Phemedrone Stealer

By Deeba Ahmed Attackers Leveraging Windows Vulnerability in Phemedrone Malware Campaign for Enhanced Stealth. This is a post from HackRead.com Read the original post: Windows Defender SmartScreen Vulnerability Exploited with Phemedrone Stealer...

7.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/01/12 12:0 a.m.48 views

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload...

6.8CVSS7.2AI score0.88196EPSS
Exploits2
GithubExploit
GithubExploit
added 2023/12/28 11:29 p.m.411 views

Exploit for CVE-2023-36025

EXPLOIT CVE-2023-36025 - Description Windows SmartScreen Sec...

8.8CVSS9.1AI score0.88196EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2023/11/18 12:0 a.m.7 views

The vulnerability of the SmartScreen security component, which prevents unauthorized access and malicious programs from being executed on Windows operating systems, allows attackers to circumvent security restrictions.

The vulnerability of the SmartScreen security component against phishing and malicious programs in Windows operating systems is related to errors in security settings. Exploiting this vulnerability can allow a remote attacker to circumvent security restrictions by opening a specially created...

10CVSS8.1AI score0.88196EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2023/11/16 12:0 a.m.102 views

Microsoft Windows Multiple Vulnerabilities (KB5032189)

This host is missing an important security update according to Microsoft KB5032189 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.8CVSS8AI score0.88196EPSS
Exploits6References3
The Hacker News
The Hacker News
added 2023/11/15 5:46 a.m.200 views

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity...

9.8CVSS9.5AI score0.88196EPSS
Exploits8
OpenVAS
OpenVAS
added 2023/11/15 12:0 a.m.68 views

Microsoft Windows Multiple Vulnerabilities (KB5032192)

This host is missing an important security update according to Microsoft KB5032192 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.8CVSS8AI score0.88196EPSS
Exploits7References3
Krebs on Security
Krebs on Security
added 2023/11/14 11:0 p.m.85 views

Microsoft Patch Tuesday, November 2023 Edition

Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three "zero day" vulnerabilities that Microsoft warns are already being exploited in active attacks. The zero-day threats targeting Microsoft this month...

6.8CVSS7.7AI score0.88196EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2023/11/14 9:27 p.m.148 views

Patch Tuesday - November 2023

Microsoft is addressing 64 vulnerabilities this November Patch Tuesday, including five zero-day vulnerabilities as well as one critical remote code execution RCE vulnerability. Overall, this month sees significantly fewer vulnerabilities addressed across a smaller number of products than has been...

7.5CVSS10AI score0.99999EPSS
Exploits34
NVD
NVD
added 2023/11/14 6:15 p.m.28 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability...

8.8CVSS0.88196EPSS
Exploits2References2
OSV
OSV
added 2023/11/14 6:15 p.m.2 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability...

8.8CVSS5.8AI score0.88196EPSS
Exploits2References2
Prion
Prion
added 2023/11/14 6:15 p.m.26 views

Security feature bypass

Windows SmartScreen Security Feature Bypass Vulnerability...

6.8CVSS7.2AI score0.88196EPSS
Exploits2References1Affected Software2
Vulnrichment
Vulnrichment
added 2023/11/14 5:57 p.m.13 views

CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability

...

8.8CVSS7.1AI score0.88196EPSS
Exploits2References1
Rows per page
Query Builder