⚠ Actively exploited in ransomware campaigns

This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.. Due date: 2024-03-05.

CVE-2024-21412 — Protection Mechanism Failure in Microsoft Windows 10 Version 1809

CWE-693 — Protection Mechanism Failure72 documents17 sources

Severity

8.1HIGHNVD

VulnCheck8.8VulnCheck7.8CISA7.8

EPSS

93.8%

top 0.14%

CISA KEV

KEVRansomware

Added 2024-02-13

Due 2024-03-05

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Windows 10 Version 1809 Microsoft Windows 10 Version 21h2 Microsoft Windows 10 Version 22h2 +13 more

Timeline

PublishedFeb 13

KEV addedFeb 13

KEV dueMar 5

Latest updateFeb 2

CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Internet Shortcut Files Security Feature Bypass Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages16 packages

▶NVDmicrosoft/windows< 10.0.17763.5458+2

▶NVDmicrosoft/windows_10_1809< 10.0.17763.5458

▶NVDmicrosoft/windows_10_21h2< 10.0.19044.4046

▶NVDmicrosoft/windows_10_22h2< 10.0.19045.4046

▶NVDmicrosoft/windows_11_21h2< 10.0.22000.2777

Patches

Patch: msrc.microsoft.com ↗Patch: msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-2mmw-g99r-5x3v: Internet Shortcut Files Security Feature Bypass Vulnerability↗2024-02-13

▶

CVEList

Internet Shortcut Files Security Feature Bypass Vulnerability↗2024-02-13

▶

VulnCheck

Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability↗2024

▶

VulnCheck

Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability↗2024

▶

VulnCheck

Microsoft Windows SmartScreen Security Feature Bypass Vulnerability↗2023

▶

📋Vendor Advisories

CISA

Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability↗2024-04-30

▶

Microsoft

Internet Shortcut Files Security Feature Bypass Vulnerability↗2024-02-13

▶

CISA

Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability↗2024-02-13

▶

🕵️Threat Intelligence

Greynoiseio

The Noise in the Silence: Unmasking CISA's Hidden KEV Ransomware Updates↗2026-02-02

▶

Sentinelone

DragonForce Ransomware Gang | From Hacktivists to High Street Extortionists↗2025-05-03

▶

Sentinelone

DragonForce Ransomware Gang | From Hacktivists to High Street Extortionists↗2025-05-03

▶

Bleepingcomputer

7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now↗2025-01-21

▶

Tenable

Microsoft Patch Tuesday 2024 Year in Review↗2024-12-10

▶