CVE-2024-38217CISA KEVEPSS p94.9%

CVE-2024-38217Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability

Microsoft / Windows

Description

Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.

Scoring

EPSS9.84% probability of exploitation · percentile 94.9% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2024-09-10

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerabilitykev-cve-2024-382170%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
CVE
CVE-2022-41091
CVE
CVE-2022-41049
CVE
CVE-2026-45595
CVE
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
CVE
Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.