Описание
Microsoft Bing Search Spoofing Vulnerability
FAQ
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.
How do I get the update for Microsoft Bing Search for iOS?
- Tap the Settings icon
- Tap the** iTunes & App Store**
- Turn on AUTOMATIC DOWNLOADS for Apps
Alternatively
- Tap the** App Store** icon
- Scroll down to find Bing: Chat with AI & GPT-4
- Tap the Update button
According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?
The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.
According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability?
Limited information from the victim's browser associated with the vulnerable URL can be sent to the attacker by the malicious code.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Bing Search for iOS |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
5.4 Medium
CVSS3
Связанные уязвимости
Уязвимость поисковой системы Microsoft Bing Search операционной системы iOS, позволяющая нарушителю проводить спуфинг-атаки
EPSS
5.4 Medium
CVSS3