Tag
#microsoft
**What privileges are required to exploit this vulnerability?** The attacker must be authenticated to the target site, with the permission to modify their Display Name within SharePoint.
**What privileges are required to exploit this vulnerability?** The attacker must be authenticated to the target site, with the permission to use Manage Lists within SharePoint.
**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.
**What type of information can be disclosed by this vulnerability?** This vulnerability could allow device security information to be disclosed including but not limited to security score, outdated operating system, and any malware infections.
**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.3 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.
**What firmware version of the Microsoft 4K Wireless Display Adapter has the update that protects from this vulnerability?** All firmware versions of the Microsoft 4K Wireless Display Adapter that are 3.9520.47 and higher are protected from this vulnerability. **How do I ensure my Microsoft 4K Wireless Display Adapter device has the update?** You will need to install the Microsoft Wireless Display Adapter app from the Microsoft Store onto a system connected to the Microsoft 4K Wireless Display Adapter. Once installed, use the **Update & security** section of the app to download and install the latest firmware. **How could an attacker exploit this vulnerability?** An unauthenticated attacker on the same network as the Microsoft 4K Display Adapter could send specially crafted packets to a vulnerable device.
**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.2 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.
**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.
**What privileges are required by the attack to exploit this vulnerability?** An attacker needs to have support user privileges to be able to exploit this vulnerability.
**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.