KLA12110
Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Visual Studio Code ESLint Extension can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Git for Visual Studio can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Quantum Development Kit for Visual Studio Code can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Remote Development Extension for Visual Studio Code can be exploited remotely to execute arbitrary code.
6. A remote code execution vulnerability in Visual Studio Code Java Extension Pack can be exploited remotely to execute arbitrary code.

Visual Studio Code Remote - Containers Extension
Microsoft Quantum Development Kit for Visual Studio Code
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
Visual Studio Code - Java Extension Pack
Visual Studio Code
Microsoft Visual Studio 2019 version 16.8 (includes 16.0 - 16.7)
Microsoft Visual Studio Code ESLint extension
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

CVE-2021-27081
CVE-2021-27060
CVE-2021-21300
CVE-2021-27082
CVE-2021-27083
CVE-2021-27084