BenTech
Share
01/02/2025
24/11/2024
Newly discovered zero-day vulnerability, CVE-2024-43451, is actively exploiting seemingly harmless actions, such as a single right-click on a malicious file, to take control of Windows systems.
This critical vulnerability, uncovered by the ClearSky Cyber Security team in June 2024, has been linked to attacks aimed specifically at Ukrainian organizations. The zero-day flaw affects nearly all versions of Windows, including Windows 10, and 11, and some configurations of older versions like Windows 7 and 8.1. The vulnerability is triggered by interacting with specially crafted URL files disguised as legitimate documents:
⚠️ A single right-click on a malicious file (affects all Windows versions).
⚠️ Deleting the file (Windows 10/11).
⚠️ Dragging the file to another folder (Windows 10/11 and some older versions).
The malicious files, often disguised as academic certificates, were first observed being distributed from a compromised official Ukrainian government website. Microsoft addressed this vulnerability with a security patch released on November 12, 2024. Users are urged to update their systems immediately to prevent exploitation of CVE-2024-43451. Maintaining up-to-date security patches remains critical for safeguarding against these ongoing attacks.
