← ExploitWatch
HomeExploited Vulnerabilities

CVE-2012-0151 — Actively Exploited: Windows (Microsoft)

The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.

CVE IDCVE-2012-0151
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability
Date added2022-06-08
Remediation due2022-06-22
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionThe Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →