Vulnerability Management, Threat Management

Unofficial patch issued for exploited Windows Mark of the Web bug

Share

Micropatching service 0patch has developed free unofficial fixes aimed at addressing a zero-day vulnerability within the Windows Mark of the Web security mechanism, which has since been exploited by threat actors, BleepingComputer reports. Such a flaw, which has not yet been patched by Microsoft despite being reported to the company in July, could be leveraged to prevent the application of MotW labels on files that have been extracted from internet-downloaded ZIP archives. "An attacker could deliver Word or Excel files in a downloaded ZIP that would not have their macros blocked due to the absence of the MotW (depending on Office macro security settings), or would escape the inspection by Smart App Control," said 0patch co-founder and ACROS Security CEO Mitja Kolsek. Micropatches could be applied to Windows 10 v1803 and later, Windows 7 with or without ESU, Windows Server 2008 R2 with or without ESU, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, and Windows Server 2022.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.