Home tech-portals Microsoft Microsoft Resolves Long-Standi...

Microsoft Resolves Long-Standing Issue in Windows Smart App Control

Microsoft

Business Honor
19 September, 2024

Zero-day flaw exploited since 2018 now patched, enhancing Windows security for users.

A major issue in Windows Smart App Control and SmartScreen, identified as CVE-2024-38217, has been fixed by Microsoft. Attackers were able to get around security measures intended to protect users from untrusted apps due to this vulnerability, which has been exploited since at least 2018.

The issue allowed hackers to evade necessary security checks by hosting malicious files on their servers and tricking users into downloading them. Specifically, the problem was a method called LNK pounding, in which perpetrators altered LNK files to eliminate the "Mark of the Web" symbol, which usually results in security warnings.

This vulnerability was first discovered by Elastic Security Labs, who also revealed that it has been used in several assaults over time. The goal of Microsoft's fast updating is to improve the availability and integrity of its SmartScreen and Smart App Control capabilities, which are essential for user safety.

To take advantage of this security improvement, users of Windows 11 are recommended to make sure their computers are updated. When downloading data from unknown sources, users should use precautions to safeguard against potential risks. A secure computing system must be maintained with regular updates and security procedures.