Microsoft Updates And Notifications For October 2024

Discussion in 'other security issues & news' started by ronjor, Sep 30, 2024.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    September 2024 updates for Microsoft Office
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    October 3, 2024

     
  3. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,227
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,469
    Location:
    U.S.A. (South)
    Windows 10 Enterprise IoT LTSC 2021 applies to ME, so thanks @anon on this particular heads up notice.

    I will do a Hasleo Backup Incremental before installing it as a precaution.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    October 10, 2024
     
  8. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 11, 2024

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-43481

    · Title: Power BI Report Server Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Article links in the Security Updates table. This is an informational change only.

    · Originally released: October 8, 2024

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43483

    · Title: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

    · Version: 1.2

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: October 8, 2024

    · Last updated: October 11, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43484

    · Title: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: October 8, 2024

    · Last updated: October 11, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43612

    · Title: Power BI Report Server Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Article links in the Security Updates table. This is an informational change only.

    · Originally released: October 8, 2024

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-6197

    · Title: Hackerone: CVE-2024-6197 Freeing stack buffer in utf8asn1str

    · Version: 1.1

    · Reason for revision: Updated CVE title. This is an informational change only.

    · Originally released: October 8, 2024

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-9602

    · Title: Chromium: CVE-2024-9602 Type Confusion in V8

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 10, 2024

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9603

    · Title: Chromium: CVE-2024-9603 Type Confusion in V8

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 10, 2024

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:
     
  9. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 15, 2024

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-38139

    · Title: Microsoft Dataverse Elevation of Privilege Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 15, 2024

    · Last updated: October 15, 2024

    · Aggregate CVE Severity Rating: Critical

    CVE-2024-38190

    · Title: Power Platform Information Disclosure Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 15, 2024

    · Last updated: October 15, 2024

    · Aggregate CVE Severity Rating: Critical

    CVE-2024-38204

    · Title: Imagine Cup site Information Disclosure Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 15, 2024

    · Last updated: October 15, 2024

    · Aggregate CVE Severity Rating: Critical
     
  10. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 16, 2024


    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-38202

    · Title: Windows Update Stack Elevation of Privilege Vulnerability

    · Version: 2.1

    · Reason for revision: Executive Summary revised to correct the availability status of security updates which mitigate this vulnerability as they were released October 08, 2024 and are provided in the Security Updates table of this CVE. This is an informational change only.

    · Originally released: August 7, 2024

    · Last updated: October 15, 2024

    Aggregate CVE Severity Rating: Important
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 17, 2024

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-43566

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43578

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2024-43579

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43580

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Low

    CVE-2024-43587

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Low

    CVE-2024-43595

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2024-43596

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-9954

    · Title: Chromium: CVE-2024-9954 Use after free in AI

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9955

    · Title: Chromium: CVE-2024-9955 Use after free in Web Authentication

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9956

    · Title: Chromium: CVE-2024-9956 Inappropriate implementation in Web Authentication

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9957

    · Title: Chromium: CVE-2024-9957 Use after free in UI

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9958

    · Title: Chromium: CVE-2024-9958 Inappropriate implementation in PictureInPicture

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9959

    · Title: Chromium: CVE-2024-9959 Use after free in DevTools

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9960

    · Title: Chromium: CVE-2024-9960 Use after free in Dawn

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9961

    · Title: Chromium: CVE-2024-9961 Use after free in Parcel Tracking

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9962

    · Title: Chromium: CVE-2024-9962 Inappropriate implementation in Permissions

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9963

    · Title: Chromium: CVE-2024-9963 Insufficient data validation in Downloads

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9964

    · Title: Chromium: CVE-2024-9964 Inappropriate implementation in Payments

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9965

    · Title: Chromium: CVE-2024-9965 Insufficient data validation in DevTools

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-9966

    · Title: Chromium: CVE-2024-9966 Inappropriate implementation in Navigations

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating:
     
  12. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,227
  13. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,227
  14. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 23, 2024

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-0132

    · Title: NVIDIA: CVE-2024-0132 Container Toolkit 1.16.1 and Earlier Time-of-check Time-of Use Vulnerability

    · Version: 2.0

    · Reason for revision: In the Security Updates table, added Azure Kubernetes Service Node on Azure Linux and Azure Kubernetes Service Node on Ubuntu Linux because these product are also affected by this vulnerability. Microsoft strongly recommends that customers using these products install the updates to be fully protected from the vulnerability.

    · Originally released: October 9, 2024

    · Last updated: October 23, 2024

    · Aggregate CVE Severity Rating: Critical

    CVE-2024-43577

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Low

    CVE-2024-49023

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Moderate
     
  15. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 23, 2024

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-0132

    · Title: NVIDIA: CVE-2024-0132 Container Toolkit 1.16.1 and Earlier Time-of-check Time-of Use Vulnerability

    · Version: 2.0

    · Reason for revision: In the Security Updates table, added Azure Kubernetes Service Node on Azure Linux and Azure Kubernetes Service Node on Ubuntu Linux because these product are also affected by this vulnerability. Microsoft strongly recommends that customers using these products install the updates to be fully protected from the vulnerability.

    · Originally released: October 9, 2024

    · Last updated: October 23, 2024

    · Aggregate CVE Severity Rating: Critical

    CVE-2024-43483

    · Title: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

    · Version: 2.0

    · Reason for revision: Revised the Security Updates table to include PowerShell 7.2 and PowerShell 7.4 because these versions of PowerShell 7 are affected by this vulnerability. See [https://github.com/PowerShell/Announcements/issues/69](https://github.com/PowerShell/Announcements/issues/69) for more information.

    · Originally released: October 8, 2024

    · Last updated: October 23, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43484

    · Title: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

    · Version: 2.0

    · Reason for revision: Revised the Security Updates table to include PowerShell 7.2 and PowerShell 7.4 because these versions of PowerShell 7 are affected by this vulnerability. See [https://github.com/PowerShell/Announcements/issues/70](https://github.com/PowerShell/Announcements/issues/70) for more information.

    · Originally released: October 8, 2024

    · Last updated: October 23, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43485

    · Title: .NET and Visual Studio Denial of Service Vulnerability

    · Version: 2.0

    · Reason for revision: Revised the Security Updates table to include PowerShell 7.2 and PowerShell 7.4 because these versions of PowerShell 7 are affected by this vulnerability. See [https://github.com/PowerShell/Announcements/issues/71](https://github.com/PowerShell/Announcements/issues/71) for more information.

    · Originally released: October 8, 2024

    · Last updated: October 23, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2024-43577

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Low

    CVE-2024-49023

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 17, 2024

    · Last updated: October 17, 2024

    · Aggregate CVE Severity Rating: Moderate
     
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    October 23, 2024
     
  17. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,227
  18. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    October 24, 2024
     
  19. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 28, 2024

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-24023

    · Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability

    · Version: 1.1

    · Reason for revision: The software update Microsoft released to address this vulnerability enforces the use of BR/EDR Secure Connections defined encryption and authentication algorithms for Bluetooth pairings that have used BR/EDR Secure Connections. For more information see the Executive Summary section. This is an informational change only.

    · Originally released: November 14, 2023

    · Last updated: January 18, 2024

    · Aggregate CVE Severity Rating: Important

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36008

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-36026

    · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating: Moderate

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-5997

    · Title: Chromium: CVE-2023-5997 Use after free in Garbage Collection

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 10, 2024

    · Aggregate CVE Severity Rating:

    CVE-2023-6112

    · Title: Chromium: CVE-2023-6112 Use after free in Navigation

    · Version: 1.1

    · Reason for revision: Corrected Build Numbers in the Security Updates table. This is an informational change only.

    · Originally released: November 16, 2023

    · Last updated: October 28, 2024

    · Aggregate CVE Severity Rating:
     
  20. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    October 30, 2024
     
  21. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    CVEs have been published or revised in the Security Update Guide

    October 31, 2024

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-10487

    · Title: Chromium: CVE-2024-10487: Out of bounds write in Dawn

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 31, 2024

    · Last updated: October 31, 2024

    · Aggregate CVE Severity Rating:

    CVE-2024-10488

    · Title: Chromium: CVE-2024-10488 Use after free in WebRTC

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: October 31, 2024

    · Last updated: October 31, 2024

    Aggregate CVE Severity Rating:
     
  22. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    October 31, 2024
     
  23. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    It finely came through as I was checking all day.

    2024-11-01_19-27-57.png
     
  24. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,394
    Location:
    Texas
    It was a tad slow getting out of the chute.
     
  25. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,389
    Location:
    Ontario, Canada
    Yes sir! That's the end of October finely! LOL
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.