Listen to our podcast on this month's release with mitigation tips and custom automations for remediation. Or read here!
Releases we think you should pay extra attention to:
-
CVE-2024-21401: Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability tImportant]
This elevation of privilege vulnerability could allow an unauthenticated attacker to manipulate the plugin's configuration, leading to unauthorized access.
-
CVE-2024-21351: Windows SmartScreen Security Feature Bypass Vulnerability tModerate]
It's been revealed that an attacker could potentially bypass this check to execute untrusted files without prompting the user — a clear-cut reminder of the vital role SmartScreen and similar protective measures play in maintaining system integrity.