Microsoft Security Response Center Blog Alerts

Chromium: CVE-2024-12053 Type Confusion in V8

Posted on Friday December 06, 2024

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

CVE-2024-38199 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

Posted on Monday December 02, 2024

Added acknowledgements. This is an informational change only.

CVE-2024-49035 Partner.Microsoft.Com Elevation of Privilege Vulnerability

Posted on Tuesday November 26, 2024

An improper access control vulnerability in [Partner.Microsoft.com](https://partner.microsoft.com/) allows an a unauthenticated attacker to elevate privileges over a network.

CVE-2024-49038 Microsoft Copilot Studio Elevation Of Privilege Vulnerability

Posted on Tuesday November 26, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network.

CVE-2024-49053 Microsoft Dynamics 365 Sales Spoofing Vulnerability

Posted on Tuesday November 26, 2024

Information published.

CVE-2024-49052 Microsoft Azure PolicyWatch Elevation of Privilege Vulnerability

Posted on Tuesday November 26, 2024

Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.

Page:   1...119120121122123124125126127...172