KLA11404
Multiple vulnerabilities in Microsoft Development Tools

Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, perform cross-site scripting attacks.

Below is a complete list of vulnerabilities:

1. A cross-site-scripting (XSS) vulnerability in Team Foundation Server can be exploited remotely via specially crafted request to perform cross-site scripting attacks;
2. An information disclosure vulnerability in Team Foundation Server can be exploited remotely to obtain sensitive information.

Team Foundation Server 2018 Updated 1.2
Team Foundation Server 2017 Update 3.1
Team Foundation Server 2018 Update 3.2

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)