Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

ADV240001: Microsoft SharePoint Server Defense in Depth Update

**Why is this advisory published to the Security Updates Guide Vulnerabilities tab instead of the Advisories tab?** We are publishing this advisory to the Security Update Guide's Vulnerabilities tab to document the related defense in depth security updates in the Deployments tab. Generally advisories do not contain security updates. However Microsoft Engineering elected to provide them to ensure customers could ensure they are protected. Please reference the Security Updates table or the Deployments tab to find the security update for related to your product.

Microsoft Security Response Center
#vulnerability#microsoft#Microsoft Office SharePoint#Security Advisory
CVE-2024-49051: Microsoft PC Manager Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker would be able to delete any system files.

CVE-2024-49032: Microsoft Office Graphics Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?** The word **Remote** in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the **Attack Vector** is **Local** and **User Interaction** is **Required**, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.

CVE-2024-49031: Microsoft Office Graphics Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?** The word **Remote** in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the **Attack Vector** is **Local** and **User Interaction** is **Required**, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.

CVE-2024-49039: Windows Task Scheduler Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?** To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application on the target system exploit the vulnerability to elevate their privileges to a Medium Integrity Level.

CVE-2024-49048: TorchGeo Remote Code Execution Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

CVE-2024-49033: Microsoft Word Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** This vulnerability could allow an attacker to bypass specific functionality of the Office Protected View.

CVE-2024-43622: Windows Telephony Service Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?** This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.

CVE-2024-43621: Windows Telephony Service Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?** This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.

CVE-2024-43640: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.