CVE-2024-38051 hasn't been fixed on Windows devices, as CrowdStrike Spotlight still picks it up

The July Patch Tuesday updates were released two weeks ago, and they fixed more than 140 vulnerabilities, many of them critical and important.

The patch fixed many vulnerabilities, including CVE-2024-38051, which allows remote code execution. Fixing it was a priority for the Redmond-based tech giant, as it could lead to serious hacking issues and the risk of losing sensitive information.

However, even though two weeks have passed since the vulnerability was fixed, some Windows users have reported that external anti-malware software, such as CrowdStrike, is still picking it up.

Good day all,

Not sure if the community is aware, but even though we are patched with this KB. It is being flagged as vulnerable per below. Is there a fix or any insight as to why it’s still being flagged? Thank you.

This is being picked up by Crowdstrike Spotlight.

C:\Windows\System32\gdi32full.dll

Version

10.0.22621.3672

Expected Value

10.0.22621.3880

CrowdStrike is famously experiencing a security crisis right now, but apparently, it’s not the company’s fault that CVE-2024-38051 is still being picked up on Windows devices.

One of the users says Microsoft might be at fault since it’s happening on multiple devices.

This is confirmed to be true with us. It appears Microsoft failed to properly update the DLL file, as it has not been modified since last patch Tuesday on my device. Microsoft must provide us with a hotfix patch to remediate this ASAP.

Windows User

What to do? For now, if you’re dealing with it, you can report it to Microsoft and CrowdStrike.