Microsoft Security Response Center Blog Alerts

CVE-2024-49053 Microsoft Dynamics 365 Sales Spoofing Vulnerability

Published November 26, 2024

Information published.

CVE-2024-49052 Microsoft Azure PolicyWatch Elevation of Privilege Vulnerability

Published November 26, 2024

Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.

CVE-2024-49035 Partner.Microsoft.Com Elevation of Privilege Vulnerability

Published November 26, 2024

An improper access control vulnerability in [Partner.Microsoft.com](https://partner.microsoft.com/) allows an a unauthenticated attacker to elevate privileges over a network.

CVE-2024-49054 Microsoft Edge (Chromium-based) Spoofing Vulnerability

Published November 22, 2024

Updated CWE value. This is an informational change only.

CVE-2024-49060 Azure Stack HCI Elevation of Privilege Vulnerability

Published November 15, 2024

Information published.

Chromium: CVE-2024-11110 Inappropriate implementation in Blink

Published November 14, 2024

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.