CVE-2024-8909: Chromium: CVE-2024-8909 Inappropriate implementation in UI

CVE-2024-8908: Chromium: CVE-2024-8908 Inappropriate implementation in Autofill

CVE-2024-8907: Chromium: CVE-2024-8907 Insufficient data validation in Omnibox

CVE-2024-8906: Chromium: CVE-2024-8906 Incorrect security UI in Downloads

CVE-2024-8905: Chromium: CVE-2024-8905 Inappropriate implementation in V8

**Why is this Google LLC CVE included in the Security Update Guide?**

The vulnerability assigned to this CVE is in the Brotli library which is consumed by .NET and by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of .NET and Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

Headline

CVE-2020-8927: Brotli Library Buffer Overflow Vulnerability

Microsoft Security Response Center: Latest News