CyberSecurity
on November 14, 2024 at 8:00 am — Chromium: CVE-2024-11110 Inappropriate implementation in Blink
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
on November 14, 2024 at 8:00 am — Chromium: CVE-2024-11111 Inappropriate implementation in Autofill
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
on November 14, 2024 at 8:00 am — CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability
Added an FAQ to indicated that we have temporarily paused the rollout of this update. Please see the Exchange Server [Blog entry](https://techcommunity.microsoft.com/blog/exchange/released-november-2024-exchange-server-security-updates/4293125) for more information.
on November 14, 2024 at 8:00 am — Chromium: CVE-2024-11116 Inappropriate implementation in Paint
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
on November 13, 2024 at 8:00 am — CVE-2024-43639 Windows KDC Proxy Remote Code Execution Vulnerability
Updated the CVE title to better reflect the affected protocol and added an FAQ to explain that only Windows Servers that are configured with the [[MS-KKDCP]: Kerberos Key Distribution Center (KDC) Proxy Protocol](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kkdcp/5bcebb8d-b747-4ee5-9453-428aec1c5c38) are affected.