Blog Post

Microsoft Defender Vulnerability Management Blog
6 MIN READ

Microsoft FAQ and guidance for XZ Utils backdoor

BrjannBrekkan's avatar
BrjannBrekkan
Icon for Microsoft rankMicrosoft
Apr 02, 2024
On March 28, 2024 a backdoor was identified in XZ Utils. This vulnerability, CVE-2024-3094 with a CVSS score of 10 is a result of a software supply chain compromise impacting versions 5.6.0 and 5.6.1...
Updated Apr 07, 2024
Version 4.0
ekimminau's avatar
ekimminau
Copper Contributor
Apr 03, 2024

WSL was linked to XZ in 2020 https://github.com/microsoft/WSL/issues/6056