Anyway, enjoy https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43498, which was rated 9.8 / 10.0 even though I have very high confidence no production service is actually susceptible to this attack, because: (a) the impacted API is so new that no production service is consuming it yet; and (b) I can't imagine any real, non-theoretical production service ever meeting the criteria necessary for successful exploit.
=> More informations about this toot | View the thread | More toots from GrabYourPitchforks@infosec.exchange
text/geminiThis content has been proxied by September (3851b).