CVE-2024-43488: Visual Studio Code extension for Arduino Remote Code Execution Vulnerability

CVE-2024-43611: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-43593: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-43592: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-43583: Winlogon Elevation of Privilege Vulnerability

**How could an attacker exploit the vulnerability?**

To exploit this vulnerability, an attacker could host a file on an attacker-controlled server, then convince a targeted user to download and open the file. This could allow the attacker to interfere with the Mark of the Web functionality.

Please see Additional information about Mark of the Web for further clarification

Headline

CVE-2023-36584: Windows Mark of the Web Security Feature Bypass Vulnerability

Microsoft Security Response Center: Latest News