Intel® Fortran Compiler
Build applications that can scale for the future with optimized code designed for Intel® Xeon® and compatible processors.
Announcements
FPGA community forums and blogs have moved to the Altera Community. Existing Intel Community members can sign in with their current credentials.
29309 Discussions

Microsoft Visual Studio Installer Vulnerability

AlHill
Super User
739 Views

FYI - From today's SANS NewsBites:

Microsoft Visual Studio Installer Vulnerability 

(June 7 & 8, 2023)
 

Microsoft released a patch for a vulnerability in Visual Studio Installer with its April scheduled patch release. While the vulnerability was rated moderate severity, researchers from Varonis maintain that because it is easily exploitable and affects a product with a 26 percent market share, it merits more immediate attention. The flaw could be exploited to distribute malicious extensions to app developers.
 

Editor's Note

[Neely]
While this is a reasonably easy flaw to exploit, the mitigation is even simpler. Apply the April 11th (or later) Microsoft Patch Tuesday update. I know we already did that too, and I’m cross checking that it was fully deployed.


Read more in:
www.varonis.com: Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
www.darkreading.com: Easily Exploitable Microsoft Visual Studio Bug Opens Developers to Takeover

0 Replies
Reply