Security News > 2024 > November > Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks
2024-11-29 09:34
Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com. "An
News URL
https://thehackernews.com/2024/11/microsoft-fixes-ai-cloud-and-erp.html
Related news
- AI agents swarm Microsoft Security Copilot (source)
- AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- MINJA sneak attack poisons AI models for other chatbot users (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-26 | CVE-2024-49035 | Unspecified vulnerability in Microsoft Partner Center An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. | 9.8 |