CVE-2024-12382: Chromium: CVE-2024-12382 Use after free in Translate

CVE-2024-12381: Chromium: CVE-2024-12381 Type Confusion in V8

CVE-2024-49071: Windows Defender Information Disclosure Vulnerability

CVE-2024-49147: Microsoft Update Catalog Elevation of Privilege Vulnerability

CVE-2024-49127: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?**

An attacker could successfully exploit this vulnerability by connecting to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary code.

Headline

CVE-2024-49128: Windows Remote Desktop Services Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News