By Rebecca Albert It took 6 years for Microsoft to become aware of a Windows security flaw and patch it. It allows the operating system’s security programs to be bypassed.
Security vulnerabilities in Windows 10 or Windows 11 are like operating system updates: there’s no escaping them. Some can trigger looping blue screens of death, others allow the attacker to take control of your PC. Whether they’re spotted by Microsoft or companies specializing in cybersecurity, they are fortunately quickly filled. But you still have to know that they exist. Some can surprisingly go unnoticed for years.
This is the case of the one discovered by Elastic Security Labs last month. The firm alerted Microsoft about a vulnerability whose the oldest example of exploitation dates from 2018. So that makes at least It has existed for 6 years. Hackers use it to install malicious applications on target computers by bypassing 3 Windows security features: the Smart App ControlTHE SmartScreen and the Mark of the Web (WordW).
Microsoft finally closes this Windows flaw exploited since 2018
In summary, the first two block potentially unwanted applications relying on the third, an identifier marking files downloaded from the Internet as possibly dangerous. To avoid triggering this system, hackers create infected files that point to a legitimate Windows program (the calculator for example).
Read also – For nearly 20 years, a hacker has been able to steal your data by exploiting this security flaw in Chrome, Firefox and Safari
But they add a dot or space in the path. When the victim opens the file, Windows Explorer corrects the path error by itself and starts the correct application, except that this deactivates the MotW and thus the triggering of the control processes. Identified by the reference CVE-2024-38217, this flaw has since been corrected by Microsoft. The patch is currently being deployed and should arrive in the coming weeks on all computers. Don’t forget to apply it if you don’t have automatic Windows updates enabled.