Microsoft Windows SmartScreen Security Feature Bypass Vulnerability

Added Nov. 14, 2023 • Due Dec. 5, 2023 • CVE-2023-36025

Overdue Microsoft / Windows

Description

Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36025
https://nvd.nist.gov/vuln/detail/CVE-2023-36025

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 4 months, 1 week ago