Security News > 2024 > November > Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks
2024-11-29 09:34
Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com. "An
News URL
https://thehackernews.com/2024/11/microsoft-fixes-ai-cloud-and-erp.html
Related news
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft Notepad to get AI-powered rewriting tool on Windows 11 (source)
- AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds (source)
- HackerOne: Nearly Half of Security Professionals Believe AI Is Risky (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage (source)
- AI’s impact on the future of web application security (source)
- How AI Is Transforming IAM and Identity Security (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-26 | CVE-2024-49035 | An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. | 8.7 |