CVE-2024-38226
Microsoft Publisher Protection Mechanism Failure Vulnerability
CVSS
—
No CVSS
EPSS
2.7%
p84
KEV
YES
Sep 10, 2024
Exploit Today
75
0-100
Published: — · Last modified: —
Product
Microsoft / Publisher
Vulnerability
Microsoft Publisher Protection Mechanism Failure Vulnerability
Added to KEV
Sep 10, 2024
Remediate by
Oct 1, 2024
Known ransomware use
No
Summary description
Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38226; https://nvd.nist.gov/vuln/detail/CVE-2024-38226
No related CVEs by CWE or product.