← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-29988 — Actively Exploited: SmartScreen Prompt (Microsoft)

Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.

CVE IDCVE-2024-29988
VendorMicrosoft
ProductSmartScreen Prompt
Vulnerability nameMicrosoft SmartScreen Prompt Security Feature Bypass Vulnerability
Date added2024-04-30
Remediation due2024-05-21
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionMicrosoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →