Security News > 2024 > November > Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks
2024-11-29 09:34
Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com. "An
News URL
https://thehackernews.com/2024/11/microsoft-fixes-ai-cloud-and-erp.html
Related news
- AI forces security leaders to rethink hybrid cloud strategies (source)
- Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins (source)
- Developers Beware: Slopsquatting & Vibe Coding Can Increase Risk of AI-Powered Attacks (source)
- Network Security at the Edge for AI-ready Enterprise (source)
- Widespread Microsoft Entra lockouts tied to new security feature rollout (source)
- One in three security teams trust AI to act autonomously (source)
- Coaching AI agents: Why your next security hire might be an algorithm (source)
- Skyhawk Security brings preemptive cloud app defense to RSAC 2025 (source)
- Linux 'io_uring' security blindspot allows stealthy rootkit attacks (source)
- Microsoft now pays up to $30,000 for some AI vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-26 | CVE-2024-49035 | Unspecified vulnerability in Microsoft Partner Center An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. | 9.8 |