- Description
- Windows MSHTML Platform Spoofing Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_21h2, windows_11_22h2, windows_11_23h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows MSHTML Platform Spoofing Vulnerability
- Exploit added on
- Jul 9, 2024
- Exploit action due
- Jul 30, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-451
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
Microsoft has released a critical fix for a zero-day vulnerability in Windows MSHTML (CVE-2024-38112). I 👉 At Powerful IT Systems, we don’t wait for things to break. #WindowsSecurity #powerfulitsystems https://t.co/hNppVhYoVd
@MKEITservices
21 Jul 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
: 🚨 Urgent Windows Alert: Microsoft patches CVE-2024-38112—hackers used fake PDF shortcuts to spread malware. Update your system now! 🛡️ https://t.co/wC7lBlRKcs
@Shoukat_Sukkur
21 Jul 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
: 🚨 Urgent Windows Alert: Microsoft patches CVE-2024-38112—hackers used fake PDF shortcuts to spread malware. Update your system now! 🛡️ https://t.co/GhkLXJGzM5
@Shoukat_Sukkur
21 Jul 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Patch out for CVE-2024-49041, an Edge vulnerability we disclosed to @Microsoft. This finding came as a result of our previous disclosure of CVE-2024-43461 and CVE-2024-38112. A case of narrow patching in Internet Explorer vs. Microsoft Edge! #infosec https://t.co/lKtnGhtxpJ
@gothburz
10 Dec 2024
2753 Impressions
5 Retweets
15 Likes
3 Bookmarks
0 Replies
0 Quotes
WATCH 🎬: Trend Micro Vision One takes on the Void Banshee campaign exploiting CVE-2024-38112. Watch our comprehensive video to see detection in action and learn how to stay protected. For the full report, click here: https://t.co/C20leQZf7N #BHUSA https://t.co/vE2Lo0BnkI
@TrendMicro
1 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7482622-F4B1-4086-8484-136592BAACCE",
"versionEndExcluding": "10.0.10240.20710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "0307F3A7-693F-45DC-9A11-AE725F942F1F",
"versionEndExcluding": "10.0.14393.7159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "EC49BDAF-EAFF-4803-9944-826C82A5DBD8",
"versionEndExcluding": "10.0.14393.7159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "CC6302F7-6909-4EAA-A1BB-3B2BA92680BC",
"versionEndExcluding": "10.0.17763.6054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "6DCF52FA-7A1F-44B4-8405-7D4C9E1CB79F",
"versionEndExcluding": "10.0.17763.6054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "905A0D97-FCF2-4999-A3F3-C79D88511D52",
"versionEndExcluding": "10.0.19044.4651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEB25D6-2E73-4DF4-9D7D-2C9780101B1B",
"versionEndExcluding": "10.0.19045.4651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4C0A5A-B376-4DE8-A02A-5E341825AAAB",
"versionEndExcluding": "10.0.22000.3079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B9B3F1-347C-4935-BFA9-6B4191831D28",
"versionEndExcluding": "10.0.22621.3880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E199129F-7F75-42C8-ABA0-7439FE50676B",
"versionEndExcluding": "10.0.22631.3880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C9A2A5-AE44-4583-A7B1-B8D62B0E83BB",
"versionEndExcluding": "10.0.14393.7159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3401E6F7-2430-4247-8A22-0B733A03501A",
"versionEndExcluding": "10.0.17763.6054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E433A09-F730-4EBE-8050-8789755B0D35",
"versionEndExcluding": "10.0.20348.2582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA01A4A-9AED-484A-8B10-3282FA13F635",
"versionEndExcluding": "10.0.25398.1009",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]