KLA12535
Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in .NET and Visual Studio can be exploited remotely to cause denial of service.
2. A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Visual Studio can be exploited remotely to execute arbitrary code.
4. A denial of service vulnerability in .NET Framework can be exploited remotely to cause denial of service.

.NET Core 3.1
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
.NET 5.0
Microsoft .NET Framework 3.5 AND 4.7.2
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
.NET 6.0
Microsoft .NET Framework 4.8
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.5.1
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Visual Studio Code
Microsoft .NET Framework 4.6
Microsoft Visual Studio 2022 version 17.0
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 3.5
Microsoft Visual Studio 2022 version 17.1
Microsoft .NET Framework 3.5 AND 4.8

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

5014326
5013840
5013870
5013838
5013872
5014329
5013837
5013839
5013871
5013873
5014330
5021243