CVE-2024-38165

Summary

CVE-2024-38165 is a newly discovered vulnerability affecting Windows Compressed Folder. An attacker can manipulate compressed files in such a way that, when opened, malicious code is executed on the victim's system. The vulnerability allows for tampering with compressed files, potentially leading to code injection and unauthorized system access. This issue poses a significant risk to organizations and individuals using the affected software, as it can be exploited through specially crafted compressed files sent via email or downloaded from the internet. Microsoft is working on a patch to address this vulnerability, and it is recommended that users apply it as soon as it becomes available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.