KLA11575
Multiple vulnerabilities in Microsoft Developer Tools
Updated: 05/22/2020
Detect date
?
10/08/2019
Severity
?
Critical
Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Azure Stack can be exploited remotely to execute arbitrary code.
  2. An information disclosure vulnerability in Open Enclave SDK can be exploited remotely to obtain sensitive information.
Affected products

Azure App Service on Azure Stack
Open Enclave SDK
Windows Azure Pack Web Sites V2

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2019-1372
CVE-2019-1369

Impacts
?
ACE 
[?]

OSI 
[?]
Related products
Microsoft Windows
Microsoft Azure
CVE-IDS
?
CVE-2019-13720.0Unknown
CVE-2019-13690.0Unknown
Microsoft official advisories
Microsoft Security Update Guide
KB list

4524964