CVE-2024-38226 - Microsoft Publisher Protection Mechanism Failure Vulnerability

Vulnerability Name

Microsoft Publisher Protection Mechanism Failure Vulnerability

Description

Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38226

https://nvd.nist.gov/vuln/detail/CVE-2024-38226

Related News Articles

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows FlawsSeptember 11, 2024

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixesSeptember 11, 2024

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flawsSeptember 11, 2024