Though the threat may be patched up by Windows, you could still be at risk for this Windows SmartScreen malware threat. Kurt “CyberGuy" Knutsson discusses the issue.

Today, Microsoft revealed that a Mark of the Web security bypass vulnerability exploited by attackers as a zero-day to bypass SmartScreen protection was patched during the June 2024 Patch Tuesday.

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files.

Phemedrone infostealer campaign has been found to exploit the Windows SmartScreen vulnerability for initial infections.

One moderate vulnerability that's already exploited impacts the Windows SmartScreen Security Feature.

Newly-discovered methods have surfaced that get around Windows' built-in checks for malicious downloads.

How Does Windows SmartScreen Filter Work? SmartScreen relies on reputation-based protection to protect your device from malicious or potentially unwanted apps and websites.