KLA12421
Multiple vulnerabilities in Microsoft Developer Tools

Обновлено: 22/02/2022
Дата обнаружения
11/01/2022
Уровень угрозы
Warning
Описание

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges.

Below is a complete list of vulnerabilities:

  1. Denial of service vulnerability in .NET Framework can be exploited remotely to cause denial of service.
  2. An elevation of privilege vulnerability in Microsoft Diagnostics Hub Standard Collector Runtime can be exploited remotely to gain privileges.
Пораженные продукты

.NET Framework
Microsoft Visual Studio 2015

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2022-21911
CVE-2022-21871
Оказываемое влияние
?
DoS 
[?]

PE 
[?]
Связанные продукты
Microsoft .NET Framework
CVE-IDS
KB list

5009712
5009721
5009720
5009713
5008879
5009719
5009711
5009718
5009585
5008876
5009546
5008877
5008882
5009722
5009714
5008880
5011164

Microsoft official advisories
Microsoft Security Update Guide
Узнай статистику распространения уязвимостей в твоем регионе