Microsoft Security Response Center Blog Alerts

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

Corrected Download links in the Security Updates table. This is an informational change only.

Updated FAQ information. This is an informational change only.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network.

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Account allows an unauthorized attacker to perform spoofing over a network.

Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.

Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.