KLA10916
Multiple vulnerabilities in Microsoft Development Tools
Обновлено: 16/07/2019
Дата обнаружения
14/11/2017
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information and gain privilege escalation.

Пораженные продукты

ChakraCore
.NET Core 1.0
.NET Core 1.1
.NET Core 2.0

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2017-11841
CVE-2017-11866
CVE-2017-11870
CVE-2017-11861
CVE-2017-11862
CVE-2017-11791
CVE-2017-11837
CVE-2017-11871
CVE-2017-11883
CVE-2017-11770
CVE-2017-11838
CVE-2017-8700
CVE-2017-11873
CVE-2017-11843
CVE-2017-11879
CVE-2017-11874
CVE-2017-11846
CVE-2017-11858
CVE-2017-11840
CVE-2017-11836
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
Microsoft ASP.NET MVC
ChakraCore
CVE-IDS
CVE-2017-117707.5Critical
CVE-2017-118798.8Critical
CVE-2017-118837.5Critical
CVE-2017-87007.5Critical
CVE-2017-117913.1Warning
CVE-2017-118367.5Critical
CVE-2017-118377.5Critical
CVE-2017-118387.5Critical
CVE-2017-118407.5Critical
CVE-2017-118417.5Critical
CVE-2017-118437.5Critical
CVE-2017-118467.5Critical
CVE-2017-118587.5Critical
CVE-2017-118617.5Critical
CVE-2017-118627.5Critical
CVE-2017-118667.5Critical
CVE-2017-118707.5Critical
CVE-2017-118717.5Critical
CVE-2017-118737.5Critical
CVE-2017-118743.1Warning
Microsoft official advisories
Microsoft Security Update Guide