Multiple vulnerabilities in Microsoft Developer Tools

Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely via specially crafted website to execute arbitrary code.
2. An information disclosure vulnerability in Microsoft XML Core Services can be exploited remotely to obtain sensitive information.

Original advisories

• CVE-2017-0108

• CVE-2017-0022

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Silverlight
• Microsoft-XML-Core-Services

CVE list

• CVE-2017-0022
  warning
• CVE-2017-0108
  critical

KB list

• 4012217
• 4012215
• 4012216
• 4012606
• 4013198
• 4013429
• 4012212
• 4012214
• 4012213
• 4013867
• 3216916

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com