Update 20240822002

Renamed page to reduce character count. Updated observations to include vendor knowledge of exploitation. Updated recommendation to "48 hours" in alignment with E8 ML1 Patch Management.
LSerki · Aug 22, 2024 · 871ac3e · 871ac3e
1 parent d7511a3
commit 871ac3e
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/...a-Elevation-of-Privilege-Vulnerability.md → ...-Microsoft-Publishes-Critical-Advisory.md b/...a-Elevation-of-Privilege-Vulnerability.md → ...-Microsoft-Publishes-Critical-Advisory.md
@@ -1,4 +1,4 @@
-# Azure Managed Instance for Apache Cassandra Elevation of Privilege Vulnerability - 20240822002
+# Microsoft Publishes Critical CVE Advisory - 20240822002
 
 ## Overview
 
@@ -10,8 +10,12 @@ Microsoft publishes critical advisory for Azure Managed Instance for Apache Cass
 | ------------------------------------------- | ---------------------------------------- | ----------------------------------------------------------------- | ---- | ------------ |
 | Azure Managed Instance for Apache Cassandra | clusters updated before 20th August 2024 | [CVE-2024-38175](https://www.cve.org/CVERecord?id=CVE-2024-38175) | 9.6  | **Critical** |
 
+## What has been observed?
+
+Microsoft is aware of functional exploitation in the wild. There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
 ## Recommendation
 
-The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
 
-- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38175
+- Microsoft CVE article: <https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38175>