Security

Chromium: CVE-2024-12382 Use after free in Translate

December 12, 2024 by Windows Security

0 replies
33 views

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.View the full article

Last reply by Windows Security, December 12, 2024

Chromium: CVE-2024-12381 Type Confusion in V8

December 12, 2024 by Windows Security

0 replies
18 views

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.View the full article

Last reply by Windows Security, December 12, 2024

CVE-2024-49071 Windows Defender Information Disclosure Vulnerability

December 12, 2024 by Windows Security

0 replies
24 views

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.View the full article

Last reply by Windows Security, December 12, 2024

CVE-2024-49147 Microsoft Update Catalog Elevation of Privilege Vulnerability

December 12, 2024 by Windows Security

0 replies
23 views

Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver.View the full article

Last reply by Windows Security, December 12, 2024

CVE-2023-44487 MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack

December 10, 2024 by Windows Security

0 replies
21 views

To comprehensively address CVE-2023-44487, Microsoft released security updates on October 24, 2023 for all affected versions of .NET and Microsoft Visual Studio. Microsoft recommends that customers running any of these products install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.View the full article

Last reply by Windows Security, December 10, 2024

CVE-2023-38171 Microsoft QUIC Denial of Service Vulnerability

December 10, 2024 by Windows Security

0 replies
23 views

To comprehensively address CVE-2023-38171, Microsoft released security updates on October 24, 2023 for all affected versions of .NET and Microsoft Visual Studio. Microsoft recommends that customers running any of these products install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.View the full article

Last reply by Windows Security, December 10, 2024

CVE-2023-36435 Microsoft QUIC Denial of Service Vulnerability

December 10, 2024 by Windows Security

0 replies
23 views

To comprehensively address CVE-2023-36435, Microsoft has released security updates on October 24, 2023 for .NET 7.0. Microsoft recommends that customers running .NET install the updates to be fully protected from the vulnerability.View the full article

Last reply by Windows Security, December 10, 2024

CVE-2024-38033 PowerShell Elevation of Privilege Vulnerability

December 10, 2024 by Windows Security

0 replies
21 views

To comprehensively address CVE-2024-38033, Microsoft released security updates on December 10, 2024 for all affected versions of Windows Server 2012 and Windows Server 2012 R2. Microsoft recommends that customers running any of these products install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.View the full article

Last reply by Windows Security, December 10, 2024