Home > Cyber News > CVE-2023-29324 in MSHTML Affects All Windows Versions
CYBER NEWS

CVE-2023-29324 in MSHTML Affects All Windows Versions

by   |  Last Update:  |  0 Comments  

CVE-2023-29324 is a new vulnerability in the Windows MSHTML platform.

CVE-2023-29324 Technical Overview: What Is Known So Far

First of, let’s explain what the MSHTML platform is. MSHTML, commonly referred to as Trident, is the browser engine used by Microsoft’s Internet Explorer web browser. It was first introduced with the release of Internet Explorer 4 in 1997.
CVE-2023-29324 in MSHTML Affects All Windows Versions
Ben Barnea, an Akamai security researcher, identified and reported a security feature bypass vulnerability known as CVE-2023-29324, with a CVSS score of 6.5, in the Windows MSHTML platform. This vulnerability could be used to bypass integrity protections on targeted machines and affected all Windows versions.

Fortunately, Microsoft addressed the issue with their Patch Tuesday updates for May 2023. However, Exchange servers with the March update have removed the vulnerable feature and are not affected.




This vulnerability in Windows allows the MapUrlToZone API function to incorrectly assume that a remote path is a local one. This API is often used as a security measure, specifically in the Outlook CVE-2023-23397 vulnerability that was patched on March’s Patch Tuesday.

An unauthenticated attacker on the internet can exploit this vulnerability to make an Outlook client connect to an attacker-controlled server, putting the client’s NTLM credentials at risk.

This zero-click vulnerability can be triggered without any user input, and affects all versions of Windows and Outlook clients, though Microsoft has stated that Exchange servers with the March update have removed the vulnerable feature to protect vulnerable clients from being exploited.

Microsoft strongly suggests installing Internet Explorer Cumulative updates to address any potential weaknesses in the MSHTML platform and scripting engine.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. W32.Rarogminer Monero Miner Worm (lsass.exe) – How to Remove It This article has been created in order to help you...
  2. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  3. January 2023 Patch Tuesday Fixes Actively Exploited CVE-2023-21674 The first Patch Tuesday fixes shipped by Microsoft for 2023...
  4. Apple Fixes CVE-2023-28206, CVE-2023-28205 Zero-Days Apple has released emergency updates to address two actively exploited...
  5. CVE-2021-41379 Affects All Currently Supported Windows Versions CVE-2021-41379 is an elevation-of-privilege vulnerability which Microsoft fixed earlier this...
  6. CVE-2018-0886 Critical Flaw Affects All Windows Versions CVE-2018-0886 is the identifier of a critical flaw found in...
  7. CVE-2023-23397: Outlook Vulnerability Exploited in the Wild Microsoft recently released guidance to help customers discover indicators of...
  8. CVE-2023-1707 Critical HP Printer Vulnerability Affects Businesses This week, HP released a security bulletin regarding a critical-severity...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree