CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability

CVE-2024-11117: Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem

CVE-2024-11116: Chromium: CVE-2024-11116 Inappropriate implementation in Paint

CVE-2024-11115: Chromium: CVE-2024-11115 Insufficient policy enforcement in Navigation

CVE-2024-11114: Chromium: CVE-2024-11114 Inappropriate implementation in Views

**According to the CVSS metrics, the attack vector is local (AV:L) and privilege required is low (PR:L). What does that mean for this vulnerability?**

An attacker must have local access to the targeted machine and must be able to create folders and performance traces on the machine, with restricted privileges that normal users have by default.

Headline

CVE-2024-49049: Visual Studio Code Remote Extension Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News