Msrc Microsoft Defender For Endpoint For Android vulnerabilities

CVE-2024-49057 [HIGH] CWE-20 Microsoft Defender for Endpoint on Android Spoofing Vulnerability Microsoft Defender for Endpoint on Android Spoofing Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user must install and use a specially-crafted malicious application on their Android device. Microsoft Defender for Endpoint: Microsoft Defender for Endpoint Microsoft: Microsoft Customer Action Required: Yes Impac

CVE-2024-5535 [CRITICAL] CWE-1395 OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2024-5535 Description: We are republishing this OpenSSL CVE to document that the latest version Microsoft Defender for Endpoint has been updated to protect against this OpenSSL library vulnerability. FAQ: How could an attacker exploit this vulnerability? Exploitation of this vulnerabil