CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Oct 1, 2024

High

CISA KEV

CVE-2024-38226

Microsoft—Publisher

Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.

Required Action

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38226; https://nvd.nist.gov/vuln/detail/CVE-2024-38226

Vulnerability Overview

Severity: High
CISA KEV: Yes
Ransomware: Unknown
Published: Sep 10, 2024
KEV Added: Sep 10, 2024
Due Date: Oct 1, 2024
Related Articles: 0

Vendor

Microsoft

Publisher