Multiple vulnerabilities in Microsoft Developer Tools

Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft Windows Sysmon can be exploited remotely to gain privileges.
2. A remote code execution vulnerability in PowerShell can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in .NET Framework can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2022-44704

• CVE-2022-41076
• CVE-2022-41089

Exploitation

Public exploits exist for this vulnerability.

Related products

• Microsoft-.NET-Framework
• Microsoft-Visual-Studio
• Microsoft-Windows

CVE list

• CVE-2022-41076
  critical
• CVE-2022-44704
  critical
• CVE-2022-41089
  critical

KB list

• 5021243
• 5021953
• 5020880
• 5021082
• 5021094
• 5021093
• 5021954
• 5021085
• 5021092
• 5021086
• 5020873
• 5021080
• 5020868
• 5021088
• 5021095
• 5021081
• 5021079
• 5021091
• 5021955
• 5021089
• 5021090
• 5021087

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com