Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability

Let’s discuss Fixing a Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-38112). Microsoft recognized a critical security vulnerability in this software, which was identified in the October Patch Tuesday Update.

Do you know what the MSHTML platform is? It is a part of the Internet Explorer browser engine used in various Windows applications. The security vulnerability in MSHTML is critical and must be mitigated immediately.

CISA (Cybersecurity and Infrastructure Security Agency) has warned all federal agencies to immediately implement mitigations to CVE-2024-43573 Microsoft Windows MSHTML Platform Spoofing Vulnerability. This flaw allows hackers to exploit vulnerabilities in MS Internet Explorer.

Attackers exploit this vulnerability, which is still installed on Windows 10 and Windows 11 systems. Users can easily resolve this issue in IE using different methods. This blog post will help you learn more about the Microsoft Windows MSHTML Platform Spoofing Vulnerability.

Patch My PC
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability - Fig.1
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability – Fig.1

Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability

The Microsoft Windows MSHTML Platform Spoofing Vulnerability is raised for several reasons. In this post, we can discuss the reasons and resolution of this vulnerability. The table below shows more details on vulnerability.

Key PointsDetails
Nature of the VulnerabilityIt allows attackers to spoof content, potentially leading to unauthorized access to user data and system compromise
SeverityIt has a CVSS score of 7.5, indicating a high severity level
ImpactExploiting this vulnerability could enable attackers to execute malicious code or gain elevated privileges on the affected system
MitigationMicrosoft has released patches to address this issue, and users are advised to apply these updates promptly
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability – Table.1

Reasons for MSHTML Platform Spoofing Vulnerability

This issue arises due to the MSHTML engine’s improper handling and validation of certain HTML elements. By following these steps, you can easily avoid this vulnerability.

Adaptiva
  • Keep your system updated by installing patches and enabling automatic updates.
  • Use security software such as antivirus, anti-malware, firewalls, etc.
  • Be Cautious with Links and Attachments
  • Use Secure Browsers
  • Enable Security Features such as 2FA etc

Resolution for MSHTML Platform Spoofing Vulnerability

You can disable IE as a stand-alone browser using the Group Policy key or Registry Editor. The following steps will help you to resolve this issue.

GPO to Resolve MSHTML Platform Spoofing Vulnerability

Using Group policy, you can easily resolve the Internet Explorer Security Vulnerability. To access GPO on your PC, open the run command as Win +R, enter the gpedit.msc, and click on the OK button. In the GPO window, Computer Configuration > Administrative Templates >  Windows Components / Internet Explorer.

The MSHTML platform is used in Internet Explorer mode in Microsoft Edge and other applications through WebBrowser control. WebView and some UWP applications use the EdgeHTML platform.

MSHTML and EdgeHTML use scripting platforms, but other legacy applications can also use them. Updates to address vulnerabilities in the MSHTML platform and scripting engine are included in the IE Cumulative Updates; EdgeHTML and Chakra changes do not apply to those platforms.

  • Click on the Disable HTML Application
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability - Fig.2
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability – Fig.2

After that, the Disable HTML Application window will appear. In this window, you can enable and disable it. Click on the radio button near the Enabled option. Then click on the Apply and OK button.

Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability - Fig.3
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability – Fig.3

Registry Editor

Using Registry Editor, you can resolve the Internet Explorer vulnerability. Open the Registry Editor (regedit) in admin mode and Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft. Then select the Microsoft key, right-click it, and select NEW and Key. Create a new key called “Internet Explorer“.

  • Select the new key, “Internet Explorer,” right-click it, and select New and Key. Create a new key called “Main
  • This now looks like this: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main.
  • Select the “Main” key, right-click, and add a New DWOD (32-bit) Value. Name the new DWORD (32-bit) value “NotifyDisableIEOptions.”
  • Double click on the NotifyDisableIEOptions
  • Set the Value of the new DWORD to 0 – Do not display a warning message to users when they use IE
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability - Fig.4
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability – Fig.4

Like the previous step, you can set the value to 1Always display a warning message to users when using IE. Then, Click on the OK button to apply the changes.

Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability - Fig.5
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability – Fig.5

Similar to the previous step, you can set the value to 2Display a warning message to each user only once when they use IE for the first time.

Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability - Fig.6
Fix Highly Critical Microsoft Windows MSHTML Platform Spoofing Vulnerability – Fig.6

Resource

Windows MSHTML Platform Spoofing Vulnerability

Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.

Author

Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and leader of the Local User Group Community. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.