CVE-2024-38217
Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
⚠ KEVEPSS 13.8%
Description
Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.
How to fix CVE-2024-38217
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2024-38217 being exploited?
Yes — CVE-2024-38217 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.