According to the Debricked vulnerability database, CVE-2024-49071 the issue arose because Windows Defender created a “search index of private or sensitive documents,” but it did not “properly limit index access to actors who are authorized to see the original information.” The issue has been fixed by Microsoft, but not by releasing an update that end users need to install. It has all been fixed behind the scenes at the server end of the equation.
-– bonitas non est pessimis esse meliorem –-
