Windows Themes Spoofing Vulnerability - 20240308003

LSerki · Mar 8, 2024 · d4b486a · d4b486a
1 parent 32a6776
commit d4b486a
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/docs/advisories/20240308003-Windows-Themes-Spoofing-Vulnerability.md b/docs/advisories/20240308003-Windows-Themes-Spoofing-Vulnerability.md
@@ -0,0 +1,22 @@
+# Windows Themes Spoofing Vulnerability - 20240308003
+
+## Overview
+
+A spoofing vulnerability has been discoverd in Microsoft Themes. The vulnerability allows a remote attacker to perform spoofing attack.
+
+
+
+## What is vulnerable?
+
+| Product(s) Affected | Summary | Severity     | CVSS |
+| ------------------- | ------- | ------------ | ---- |
+| All Windows versions |  [CVE-2024-21320](https://nvd.nist.gov/vuln/detail/CVE-2024-21320)       | **Medium** | 6.5  |
+
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- [Windows Themes Spoofing Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21320)
+
+