Tag

#smartscreen

2 posts tagged #smartscreen.

Analysis · May 20, 2026 · analysis-desk

The same crew beat the same defense twice in three months. The patch was the problem.

CVE-2023-24880 let Magniber ransomware bypass SmartScreen with malformed MSI signatures. It worked because Microsoft's earlier fix for nearly the same bug addressed one symptom and left the root cause standing. Narrow patches invite variants, and the attacker just comes back.
Analysis · May 20, 2026 · The Commentary Desk

The warning your careful users count on, that quietly never fired

CVE-2024-21412 bypasses Windows SmartScreen with a shortcut inside a shortcut. The file looks like a JPEG, the user double-clicks, and the safety prompt that was supposed to appear simply doesn't. It's also a bypass of the previous SmartScreen fix.