They used to put the affected versions in the email, but that stopped a few months ago. Now it’s just a vague “product is affected, click the link to learn more”. Every. Time. the support part of their site gets hugged to death as if the uptick in traffic to it is completely unexpected.
So now I have Schrodinger’s vulnerability until whatever potato-class servers they have their support bulletins running on frees up enough slots to render a frigging static HTML page.
It’s almost as bad as news teasers that are like “Is something in your house going to kill you in the next 30 seconds? Find out more at 11!”
I could never get useful details out of any of the CVE sites. Really annoying, but maybe I’m dumb
Could you just check the official CVE database?
Yeah, even for this one, mite and the nvd are completely useless (denying it exists).
mitre denies it exists links to NVD which is also basically an HTTP 404 error
You are right, though - When I look at CISAs notes, they direct to the right source meaningfully. I’m sure I’ve found some that are total stonewalls in the past, but no idea of that was MS, chrome or just a particular vulnerability… It’s happened enough I’d given up, but maybe I should retry next time