Multiple vulnerabilities in Microsoft Developer Tools

説明

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in .NET Framework can be exploited remotely via specially crafted application to obtain sensitive information.
2. A security feature bypass vulnerability in PowerShellGet Module WDAC can be exploited remotely to bypass security restrictions.
3. A remote code execution vulnerability in Visual Studio Code Python Extension can be exploited remotely via specially crafted file to execute arbitrary code.

オリジナルアドバイザリー

• CVE-2020-16937

• CVE-2020-16886
• CVE-2020-16977

関連製品

• Microsoft-.NET-Framework
• Microsoft-Visual-Studio

CVEリスト

• CVE-2020-16937
  high
• CVE-2020-16886
  high
• CVE-2020-16977
  critical

KBリスト

• 4579980
• 4578974
• 4578972
• 4578971
• 4579977
• 4579978
• 4579979
• 4578968
• 4578969
• 4580328
• 4579976
• 4580330
• 4580327
• 4580346
• 4580470
• 4580468
• 4580469
• 4580467
• 4578961
• 4578963

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com