When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Google found ransomware bypassing Microsoft's SmartScreen that was fixed for Patch Tuesday

Google has announced that its Threat Analysis Group found a flaw in Microsoft's SmartScreen security feature that allowed hackers to distribute the Magniber ransomware. The good news is that Google informed Microsoft of this issue on February 15, and the better news is Microsoft fixed this flaw today as part of the Patch Tuesday update (Windows 11, Windows 10).

Google stated:

The attackers are delivering MSI files signed with an invalid but specially crafted Authenticode signature. The malformed signature causes SmartScreen to return an error that results in bypassing the security warning dialog displayed to users when an untrusted file contains a Mark-of-the-Web (MotW), which indicates a potentially malicious file has been downloaded from the internet.

The blog post stated that Google's Threat Analysis Group had found over 100,000 downloads of these MSI files since January 2023, with the vast majority found in Europe. It added that its own Safe Browsing security feature in Chrome detected over 90 percent of these malicious files.

For its part, Microsoft labeled this security issue as "Moderate" when it listed this patch as CVE-2023-24880 in its own update earlier today.

Source: Google

Report a problem with article
Reddit logo in black background
Next Article

Reddit is down, but a fix is currently under development [Update: Fixed]

Multiview in YouTube TV
Previous Article

YouTube TV starts testing multiview screen feature in limited early access

Join the conversation!

Login or Sign Up to read and post a comment.

0 Comments - Add comment