CVE-2024-49071

Name of the Vulnerable Software and Affected Versions Windows Defender (affected versions not specified)

Description The issue is related to improper authorization of an index containing sensitive information from a Global Files search in Windows Defender, allowing an authorized attacker to disclose information over a network. This is due to the mechanism of indexing not properly limiting access to actors who are authorized to see the original information. There have been no known exploitations of the vulnerability, despite the attack complexity being low.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.