CVE-2024-11395: Chromium: CVE-2024-11395 Type Confusion in V8

CVE-2024-49054: Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability

CVE-2024-11117: Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem

CVE-2024-11116: Chromium: CVE-2024-11116 Inappropriate implementation in Paint

**How could an attacker exploit this vulnerability?**

An attacker could exploit a use after free vulnerability within the OS SAPI component to execute arbitrary code in the context of the compromised user to disclose sensitive information, compromise system integrity or impact the availability of the victim's system.

Headline

CVE-2024-43574: Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News