August 5, 2024 at 03:56PM Design flaw in Windows Smart App Control and SmartScreen allows attackers to run programs without security warnings since 2018. As the executive assistant, I will diligently and accurately generate clear takeaways from the meeting notes. It appears that a design flaw in Windows Smart App Control and SmartScreen has been … Read more
August 5, 2024 at 09:18AM Cybersecurity researchers have identified design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen, potentially allowing threat actors to gain access without triggering warnings. These vulnerabilities include bypassing protections with a legitimate EV certificate, reputation hijacking, seeding, tampering, and LNK stomping. This underscores the need for additional scrutiny in download … Read more
March 14, 2024 at 02:23AM DarkGate malware exploits a fixed Windows Defender SmartScreen flaw to install fake software, overcoming security checks. This flaw, tracked as CVE-2024-21412, allows attackers to execute files automatically. Trend Micro reports that DarkGate operators are using this vulnerability to enhance infection rates. The campaign involves a multi-step infection chain and employs … Read more
February 14, 2024 at 12:51AM Microsoft has released 73 patches to address security flaws in its software lineup for February 2024’s Patch Tuesday updates. This includes 5 Critical, 65 Important, and 3 Moderate vulnerabilities, along with fixes for the Chromium-based Edge browser. Among the critical flaws is a bypass vulnerability in Windows SmartScreen and Internet … Read more
February 13, 2024 at 03:16PM Microsoft issued a patch for CVE-2024-21412, a zero-day SmartScreen vulnerability used by the Water Hydra APT group to target financial market traders. Trend Micro protects customers from this, emphasizing the importance of proactive cybersecurity measures and a dedicated bug bounty program. Trend customers have been protected since January 17 via … Read more
November 14, 2023 at 07:42PM Microsoft’s November Patch Tuesday fixes around 60 vulnerabilities, including three that have already been exploited. These include privilege-escalation vulnerabilities in Windows Desktop Manager and Windows Cloud Files Mini Filter Driver, as well as a security feature bypass flaw in Windows Defender SmartScreen. Additionally, Adobe patched 76 vulnerabilities across its products, … Read more