Microsoft’s brief attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” is precise — and it is not, by itself, a guarantee that no other Microsoft product could ship the same vulnerable component...
In a significant escalation for industrial cybersecurity, a broad class of Siemens engineering software has been confirmed vulnerable to a type confusion deserialization flaw that can lead to arbitrary code execution when an attacker has local authenticated access. The issue—tracked under...
