CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability

CVE-2024-11117: Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem

CVE-2024-11116: Chromium: CVE-2024-11116 Inappropriate implementation in Paint

CVE-2024-11115: Chromium: CVE-2024-11115 Insufficient policy enforcement in Navigation

CVE-2024-11114: Chromium: CVE-2024-11114 Inappropriate implementation in Views

**What actions should I take to be protected from this vulnerability?**

Customers must perform the following to mitigate this vulnerability:

1.  Update Azure Stack HCI resources to version 2411. Instructions on how to update can be found here.
2.  Rotate the administrator and user account passwords for all Azure Arc VMs deployed prior to updating the Azure Stack HCI instance to version 2411. Instructions on how to update these passwords can be found here.

Headline

CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News