top of page
  • Clipeus

Public POC For Windows Smart Screen Vulnerability

A public proof-of-concept (POC) for the Windows SmartScreen critical vulnerability patched last week (CVE-2023-36025) was reportedly released on 21 November. The vulnerability enables a potential attacker to craft a malicious internet shortcut or link to a malicious file and bypass Windows SmartScreen checks. The attack chain requires user interaction, with phishing being the most likely attack vector. Proofpoint reported attempts to deploy RemcosRAT via exploitation of this vulnerability have already been observed in the wild. At this stage, it is critical for both business and non-corporate users to apply the patch released last week. The attacks have been attributed to Narwhal Spider (a.k.a. TA544), a threat actor formerly linked to spam campaigns distributing the Ursnif trojan across a diverse geography, yet with a particular focus on Western Europe—particularly Italy—and Asia.

Comments


Commenting has been turned off.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to info@clipeusintelligence.com with your inquiry. We would be glad to assist you

bottom of page