Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, spoof user interface.

Below is a complete list of vulnerabilities:

1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
2. An information disclosure vulnerability in Scripting Engine can be exploited remotely via specially crafted content to obtain sensitive information.
3. A spoofing vulnerability in Azure DevOps Server can be exploited remotely to spoof user interface.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

ChakraCore
Microsoft Edge
Azure DevOps Server 2019

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)