KLA10916
Multiple vulnerabilities in Microsoft Development Tools
Updated: 07/16/2019
Detect date
?
11/14/2017
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information and gain privilege escalation.

Affected products

ChakraCore
.NET Core 1.0
.NET Core 1.1
.NET Core 2.0

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2017-11841
CVE-2017-11866
CVE-2017-11870
CVE-2017-11861
CVE-2017-11862
CVE-2017-11791
CVE-2017-11837
CVE-2017-11871
CVE-2017-11883
CVE-2017-11770
CVE-2017-11838
CVE-2017-8700
CVE-2017-11873
CVE-2017-11843
CVE-2017-11879
CVE-2017-11874
CVE-2017-11846
CVE-2017-11858
CVE-2017-11840
CVE-2017-11836

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Related products
Microsoft ASP.NET MVC
ChakraCore
CVE-IDS
?
CVE-2017-117707.5Critical
CVE-2017-118798.8Critical
CVE-2017-118837.5Critical
CVE-2017-87007.5Critical
CVE-2017-117913.1Warning
CVE-2017-118367.5Critical
CVE-2017-118377.5Critical
CVE-2017-118387.5Critical
CVE-2017-118407.5Critical
CVE-2017-118417.5Critical
CVE-2017-118437.5Critical
CVE-2017-118467.5Critical
CVE-2017-118587.5Critical
CVE-2017-118617.5Critical
CVE-2017-118627.5Critical
CVE-2017-118667.5Critical
CVE-2017-118707.5Critical
CVE-2017-118717.5Critical
CVE-2017-118737.5Critical
CVE-2017-118743.1Warning
Microsoft official advisories
Microsoft Security Update Guide