{"api_version":"1","generated_at":"2026-04-23T08:41:49+00:00","cve":"CVE-2024-29988","urls":{"html":"https://cve.report/CVE-2024-29988","api":"https://cve.report/api/cve/CVE-2024-29988.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-29988","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-29988"},"summary":{"title":"Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability","description":"Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.","state":"PUBLISHED","assigner":"","published_at":"2024-04-30","updated_at":"2026-04-22 20:03:10"},"problem_types":[],"metrics":[],"references":[{"url":"https://www.cve.org/CVERecord?id=CVE-2024-29988","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-29988","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2024","cve_id":"29988","cve":"CVE-2024-29988","vendorProject":"Microsoft","product":"SmartScreen Prompt","vulnerabilityName":"Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability","dateAdded":"2024-04-30","shortDescription":"Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.","requiredAction":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","dueDate":"2024-05-21","knownRansomwareCampaignUse":"Unknown","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988; https://nvd.nist.gov/vuln/detail/CVE-2024-29988","cwes":"CWE-693","catalogVersion":"2026.04.22","updated_at":"2026-04-22 20:03:10"},"epss":{"cve_year":"2024","cve_id":"29988","cve":"CVE-2024-29988","epss":"0.627680000","percentile":"0.983900000","score_date":"2026-04-22","updated_at":"2026-04-23 00:03:16"},"legacy_qids":[{"cve":"CVE-2024-29988","qid":"92128","title":"Microsoft Windows Security Update for April 2024"}]},"source_records":{"cve_program":null,"nvd":{"publishedDate":null,"lastModifiedDate":null,"problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":null,"notes":[]}}}