First published: Tue Sep 10 2024(Updated: )
Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 10 | =1607 | |
Microsoft Windows Server 2008 R2 | ||
Microsoft Windows Server 2012 R2 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2008 R2 | ||
Microsoft Windows Server 2012 | ||
Microsoft Windows Server 2022 | ||
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows Server 2008 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows 11 | =24H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | ||
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 11 | =23H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 11 | =23H2 | |
Microsoft Windows Server 2022 | ||
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | ||
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2008 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows 11 | =24H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows Server 2022, 23H2 Edition | ||
Microsoft Windows Server 2012 R2 | ||
Microsoft Windows Server 2012 | ||
Microsoft Windows | ||
Microsoft Windows 10 1507 | <10.0.10240.20766 | |
Microsoft Windows 10 1507 | <10.0.10240.20766 | |
Microsoft Windows 10 1607 | <10.0.14393.7336 | |
Microsoft Windows 10 1607 | <10.0.14393.7336 | |
Microsoft Windows 10 1809 | <10.0.17763.6293 | |
Microsoft Windows 10 21h2 | <10.0.19044.4894 | |
Microsoft Windows 10 22h2 | <10.0.19045.4894 | |
Microsoft Windows 11 21h2 | <10.0.22000.3197 | |
Microsoft Windows 11 22h2 | <10.0.22621.4169 | |
Microsoft Windows 11 23h2 | <10.0.22631.4169 | |
Microsoft Windows 11 24h2 | <10.0.26100.1742 | |
Microsoft Windows 11 24h2 | <10.0.26100.1742 | |
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Windows Server 2008 | =r2 | |
Microsoft Windows Server 2012 | ||
Microsoft Windows Server 2012 | =r2 | |
Microsoft Windows Server 2016 | <10.0.14393.7336 | |
Microsoft Windows Server 2019 | <10.0.17763.6293 | |
Microsoft Windows Server 2022 | <10.0.20348.2700 | |
Microsoft Windows Server 2022 23h2 | <10.0.25398.1128 |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.