Alphane_Moon@lemmy.world
on 16 Dec 13:15
nextcollapse
So this a remote vulnerability, but no execution just information access? The CVE and Microsoft are not clear about it (or I am bad at reading).
homesweethomeMrL@lemmy.world
on 16 Dec 14:54
collapse
According to the Debricked vulnerability database, CVE-2024-49071 the issue arose because Windows Defender created a “search index of private or sensitive documents,” but it did not “properly limit index access to actors who are authorized to see the original information.”
MS says they mitigated it without user intervention. Allegedly someone with privileges for Windows Defender could access an index file and send file contents over a network. I couldn’t tell if the file contents were just the index itself or file contents from elsewhere on the machine but I think it’s the former.
Anyway, MS says it’s fixed and pay no attention to the man behind the curtain.
Probably found it when a computer was just sending Recall images out to a C&C server. Nothing to see here! xD
homesweethomeMrL@lemmy.world
on 16 Dec 14:52
collapse
“The vulnerability documented by this CVE requires no customer action to resolve,” Microsoft said, “this vulnerability has already been fully mitigated by Microsoft.” So, there we have it. A critical Windows Defender vulnerability fixed quietly in the background, but with full transparency from Microsoft. Now that’s what good security looks like.
HAHAHAHAHahahahahahahaha
satans_methpipe@lemmy.world
on 16 Dec 23:05
collapse
threaded - newest
So this a remote vulnerability, but no execution just information access? The CVE and Microsoft are not clear about it (or I am bad at reading).
Here’s microsoft’s info: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49071
MS says they mitigated it without user intervention. Allegedly someone with privileges for Windows Defender could access an index file and send file contents over a network. I couldn’t tell if the file contents were just the index itself or file contents from elsewhere on the machine but I think it’s the former.
Anyway, MS says it’s fixed and pay no attention to the man behind the curtain.
Probably found it when a computer was just sending Recall images out to a C&C server. Nothing to see here! xD
HAHAHAHAHahahahahahahaha
The source article is state run media