CVE-2024-21351: Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
First published: Tue Feb 13 2024(Updated: )
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Server 2016 | ||
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows Server 2022 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 11 | =23H2 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 11 | =23H2 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 11 | =21H2 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 11 | =21H2 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 11 | =22H2 | |
| Microsoft Windows 11 | =22H2 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows | ||
| Microsoft Windows 10 1507 | <10.0.10240.20469 | |
| Microsoft Windows 10 Version 1607 x86 | <10.0.14393.6709 | |
| Microsoft Windows 10 1809 | <10.0.17763.5458 | |
| Microsoft Windows 10 21h2 | <10.0.19044.4046 | |
| Microsoft Windows 10 22h2 | <10.0.19045.4046 | |
| Microsoft Windows 11 21h2 | <10.0.22000.2777 | |
| Microsoft Windows 11 22h2 | <10.0.22621.3155 | |
| Microsoft Windows 11 23h2 | <10.0.22631.3155 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2019 | <10.0.17763.5458 | |
| Microsoft Windows Server 2022 | <10.0.20348.2322 | |
| Microsoft Windows Server 2022 23H2 | <10.0.25398.709 |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.theregister.com/2024/02/14/patch_tuesday_feb_2024/
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21351 (Advisory)
- https://www.bleepingcomputer.com/news/security/hackers-used-new-windows-defender-zero-day-to-drop-darkme-malware/
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21351;
- https://nvd.nist.gov/vuln/detail/CVE-2024-21351
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2024-21351?
CVE-2024-21351 is classified as a security feature bypass vulnerability with potential for code execution.
How do I fix CVE-2024-21351?
To fix CVE-2024-21351, apply the security patches provided by Microsoft for the affected versions of Windows.
What versions of Windows are affected by CVE-2024-21351?
CVE-2024-21351 affects multiple versions of Windows, including Windows 10, Windows 11, and Windows Server.
What potential impact does CVE-2024-21351 have on systems?
The impact of CVE-2024-21351 can include unauthorized code execution, which may lead to data exposure or loss of system availability.
How can I identify if my Windows system is vulnerable to CVE-2024-21351?
You can determine your system's vulnerability to CVE-2024-21351 by checking the installed version of Windows against the list of affected products and whether recent patches have been applied.
- collector/the-register
- source/The Register
- alias/CVE-2024-21412
- alias/CVE-2023-38831
- alias/CVE-2024-21351
- alias/CVE-2024-20290
- alias/CVE-2024-0031
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- agent/severity
- agent/description
- agent/first-publish-date
- agent/type
- zeroday/true
- agent/news-ai
- exploited/true
- collector/msrc
- agent/title
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2023-36025
- agent/remedy
- agent/weakness
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/author
- agent/event
- agent/trending
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- vendor/microsoft
- canonical/microsoft windows server 2016
- canonical/microsoft windows 10
- version/microsoft windows 10/21h2
- version/microsoft windows 10/1809
- canonical/microsoft windows server 2022
- version/microsoft windows 10/1607
- canonical/microsoft windows 11
- version/microsoft windows 11/23h2
- version/microsoft windows 10/22h2
- canonical/microsoft windows server 2019
- version/microsoft windows 11/21h2
- version/microsoft windows 11/22h2
- canonical/microsoft windows
- canonical/microsoft windows 10 1507
- canonical/microsoft windows 10 version 1607 x86
- canonical/microsoft windows 10 1809
- canonical/microsoft windows 10 21h2
- canonical/microsoft windows 10 22h2
- canonical/microsoft windows 11 21h2
- canonical/microsoft windows 11 22h2
- canonical/microsoft windows 11 23h2
- canonical/microsoft windows server 2022 23h2