CVE-2024-12382: Chromium: CVE-2024-12382 Use after free in Translate

CVE-2024-12381: Chromium: CVE-2024-12381 Type Confusion in V8

CVE-2024-49071: Windows Defender Information Disclosure Vulnerability

CVE-2024-49147: Microsoft Update Catalog Elevation of Privilege Vulnerability

CVE-2024-49138: Windows Common Log File System Driver Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?**

An unauthenticated attacker who successfully exploited this vulnerability could gain code execution through a specially crafted set of LDAP calls to execute arbitrary code within the context of the LDAP service.

Headline

CVE-2024-49112: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News