KLA12421
Multiple vulnerabilities in Microsoft Developer Tools

Updated: 02/22/2022
Detect date
?
01/11/2022
Severity
?
Warning
Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges.

Below is a complete list of vulnerabilities:

  1. Denial of service vulnerability in .NET Framework can be exploited remotely to cause denial of service.
  2. An elevation of privilege vulnerability in Microsoft Diagnostics Hub Standard Collector Runtime can be exploited remotely to gain privileges.
Affected products

.NET Framework
Microsoft Visual Studio 2015

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2022-21911
CVE-2022-21871

Impacts
?
DoS 
[?]

PE 
[?]
Related products
Microsoft .NET Framework
CVE-IDS
?
KB list

5009712
5009721
5009720
5009713
5008879
5009719
5009711
5009718
5009585
5008876
5009546
5008877
5008882
5009722
5009714
5008880
5011164

Microsoft official advisories
Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region