KLA12505
Multiple vulnerabilities in Microsoft Developer Tools

Обновлено: 10/08/2022

Дата обнаружения	12/04/2022
Уровень угрозы	High
Описание	Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gain privileges. A remote code execution vulnerability in Window Visual Studio can be exploited remotely to execute arbitrary code. A denial of service vulnerability in .NET Framework can be exploited remotely to cause denial of service. An elevation of privilege vulnerability in Visual Studio Code can be exploited remotely to gain privileges. A denial of service vulnerability in YARP can be exploited remotely to cause denial of service. An elevation of privilege vulnerability in PowerShell can be exploited remotely to gain privileges.
Пораженные продукты	Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.8 Microsoft .NET Framework 3.5 AND 4.8 Microsoft .NET Framework 3.5 AND 4.7.2 PowerShell 7.1 PowerShell 7.0 PowerShell 7.2 YARP 1.0 YARP 1.1RC
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2022-24513 CVE-2022-24767 CVE-2022-26832 CVE-2022-26921 CVE-2022-24765 CVE-2022-26924 CVE-2022-26788
Оказываемое влияние ?	ACE [?] DoS [?] PE [?]
Связанные продукты	Microsoft .NET Framework Microsoft Visual Studio
KB list	5012596 5012117 5012326 5012332 5012327 5012331 5012329 5012324 5012328 5012325 5012123 5012121 5012120 5012118 5012330 5016568

KLA12505Multiple vulnerabilities in Microsoft Developer Tools

KLA12505
Multiple vulnerabilities in Microsoft Developer Tools