Attackers may exploit this vulnerability to steal private data from individuals or organizations.
A patch should be available on August 13th.
An attacker doesn’t need to trick their victim into opening a malicious file or running a bad program.
The following products are impacted by CVE-2024-38200:
MITREsays that attackers are highly likely to exploit this vulnerability.
Blocking TCP 445/SMB outbound in firewall and VPN controls may also reduce potential exposure.
Microsoft is currently working to patch several flaws across the Windows operating system and its first-party apps.
