A serious security vulnerability has been discovered in Windows 10 and 11, involving a spoofing attack that exploits an old Internet Explorer flaw. The vulnerability, identified as CVE-2024-38112 and dubbed 'Void Banshee,' allows attackers to target Windows users through zero-day attacks using 'Zombie Internet Explorer.' This issue has been exacerbated by attackers exploiting URL protections to disguise phishing links. The Zero Day Initiative (ZDI) criticized Microsoft for mishandling the coordinated vulnerability disclosure process, including failure to properly credit researchers and misstating the category and severity of the vulnerability.