49 matches found
August 13, 2024—KB5041851 (Monthly Rollup)
August 13, 2024—KB5041851 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only a...
June 11, 2024—KB5039260 (Monthly Rollup)
June 11, 2024—KB5039260 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only are...
CVE-2024-28917 Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
...
CVE-2024-28917
Summary: CVE-2024-28917 is a cluster-scope elevation of privilege in Azure Arc-enabled Kubernetes Extension. According to connected sources, the affected component is the Azure Arc Kubernetes Extension (Cluster) and the impact is privilege escalation (obtain increased privileges). The CVSS score ...
April 9, 2024—KB5036969 (Monthly Rollup)
April 9, 2024—KB5036969 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only are...
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
...
March 12, 2024—KB5035885 (Monthly Rollup)
March 12, 2024—KB5035885 Monthly Rollup IMPORTANT If you plan to install this update on a domain controller DC, we highly recommend that you install update KB5037426 instead March 22, 2024. This out-of-band update addresses a known issue that affects the Local Security Authority Subsystem Service...
March 12, 2024—KB5035930 (Monthly Rollup)
March 12, 2024—KB5035930 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only ar...
February 13, 2024—KB5034819 (Monthly Rollup)
February 13, 2024—KB5034819 Monthly Rollup IMPORTANT The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...
February 13, 2024—KB5034830 (Monthly Rollup)
February 13, 2024—KB5034830 Monthly Rollup IMPORTANT The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only...
January 9, 2024—KB5034171 (Monthly Rollup)
January 9, 2024—KB5034171 Monthly Rollup IMPORTANT The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU onl...
December 12, 2023—KB5033420 (Monthly Rollup)
December 12, 2023—KB5033420 Monthly Rollup IMPORTANT The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...
CVE-2023-38176
Azure Arc-Enabled Servers Elevation of Privilege Vulnerability...
Privilege escalation
Azure Arc-Enabled Servers Elevation of Privilege Vulnerability...
CVE-2023-38176 Azure Arc-Enabled Servers Elevation of Privilege Vulnerability
...
CVE-2023-38176
CVE-2023-38176 is an elevation-of-privilege vulnerability in Azure Arc-Enabled Servers. Multiple sources (NVD, CNVD, MSRC advisories, and NCSc) confirm it allows an attacker to gain elevated privileges within the affected Arc environment (Azure Arc-Enabled Servers). The issue is categorized as an...
Azure Arc-Enabled Servers Elevation of Privilege Vulnerability
...
PT-2023-26323 · Microsoft · Azure Arc-Enabled Servers
Name of the Vulnerable Software and Affected Versions: Azure Arc-Enabled Servers affected versions not specified Description: The issue is related to an elevation of privilege vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide or...
Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs
Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update,...
CVE-2022-37968
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...