CVE-2024-38189

Summary

CVE-2024-38189 is a newly disclosed vulnerability affecting Microsoft Project, a popular project management software. This remote code execution (RCE) issue allows attackers to execute arbitrary code on targeted systems, potentially leading to significant data loss or unauthorized access. Exploitation of this vulnerability occurs when Microsoft Project fails to properly validate user-supplied data, enabling remote attackers to inject malicious code. Microsoft has released a patch to address this issue, and users are strongly encouraged to apply it as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.