CVE-2024-11395: Chromium: CVE-2024-11395 Type Confusion in V8

CVE-2024-49054: Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability

CVE-2024-11117: Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem

CVE-2024-11116: Chromium: CVE-2024-11116 Inappropriate implementation in Paint

**Why is this Electron CVE included in the Security Update Guide?**

The vulnerability assigned to this CVE is in Electron software which is consumed by Visual Studio Code. It is being documented in the Security Update Guide to announce that the latest build of Visual Studio Code is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

Headline

CVE-2023-39956: Electron: CVE-2023-39956 -Visual Studio Code Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News