CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability

CVE-2024-11117: Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem

CVE-2024-11116: Chromium: CVE-2024-11116 Inappropriate implementation in Paint

CVE-2024-11115: Chromium: CVE-2024-11115 Insufficient policy enforcement in Navigation

CVE-2024-11114: Chromium: CVE-2024-11114 Inappropriate implementation in Views

**What actions do customers need to take to protect themselves from this vulnerability?**

Only customers using Linux/Ubuntu Data Science Virtual Machines (DSVM) with versions prior to 24.05.24 may be affected. For guidance on how to update your resources, reference the following: Upgrade your Data Science Virtual Machine to Ubuntu 20.04. Customers who deploy DSVMs using CLI or scripts may also need to update the DSVM version specified in their deployment parameters.

Headline

CVE-2024-37325: Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News