CVE-2024-29988

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 5 articles

VulnLookup ↗ NVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

60.5%

probability

This CVE has a 60.5% probability of being exploited in the next 30 days.

0% Top 98.3th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Attack Intelligence

CWE-693 · Protection Mechanism Failure

Exploits & PoC

Sploitus/CVE-2024-29988-exploit

Exploit for Microsoft SmartScreen malicious execution (april 2024)

1 repo — triés par ⭐ Rechercher sur GitHub ↗

Microsoft fixes two Windows zero-days exploited in malware attacks

BleepingComputer Apr 09, 2024

Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included

TheHackerNews

New Windows SmartScreen bypass exploited as zero-day since March

BleepingComputer Aug 13, 2024

Microsoft and Adobe Patch Tuesday, April 2024 Security Update Review

Qualys Apr 09, 2024

Security Advisory 2024-034

CERT-EU Apr 10, 2024

Signal Intelligence

Confidenceⓘ

92%

EPSS 60.5%

Mentions 5

Last Seen Aug 13, 2024

CNA Information

Analyst Note

CVE-2024-29988 is explicitly named as a zero-day exploited in malware attacks since March 2024, with Microsoft patching it on April 9, 2024. The timing clearly shows exploitation preceded patch availability, and multiple authoritative sources (BleepingComputer, CERT-EU) confirm active in-the-wild exploitation of this specific SmartScreen bypass vulnerability.

Threat Actors 5

Void Banshee

apt_group unknown

TA571

apt_group 🇷🇺 RU

The White Company

apt_group Information theft and espionage 🇨🇳 CN

Mana Team

apt_group 🇨🇳 CN

APT 5

apt_group Information theft and espionage 🇨🇳 CN

Triage Info

Decided atMar 05, 2026