CVE-2024-21412
8.1HIGHInternet Shortcut Files Security Feature Bypass Vulnerability
Published: 2/13/2024Updated: 10/28/2025
CISA Known Exploited Vulnerability
Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.
Required Action:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date:
2024-03-05
Known Ransomware Use
Description
Internet Shortcut Files Security Feature Bypass Vulnerability
AI AnalysisPowered by AI
Affected Products
microsoftwindows_10_1809
microsoftwindows_10_21h2
microsoftwindows_10_22h2
microsoftwindows_11_21h2
microsoftwindows_11_22h2
microsoftwindows_11_23h2
microsoftwindows_server_2019
microsoftwindows_server_2022
microsoftwindows_server_2022_23h2
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21412PatchVendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21412PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21412US Government Resource