Intel® Fortran Compiler
Build applications that can scale for the future with optimized code designed for Intel® Xeon® and compatible processors.
28551 Discussions

Microsoft Visual Studio Installer Vulnerability

AlHill
Super User
395 Views

FYI - From today's SANS NewsBites:

Microsoft Visual Studio Installer Vulnerability 

(June 7 & 8, 2023)
 

Microsoft released a patch for a vulnerability in Visual Studio Installer with its April scheduled patch release. While the vulnerability was rated moderate severity, researchers from Varonis maintain that because it is easily exploitable and affects a product with a 26 percent market share, it merits more immediate attention. The flaw could be exploited to distribute malicious extensions to app developers.
 

Editor's Note

[Neely]
While this is a reasonably easy flaw to exploit, the mitigation is even simpler. Apply the April 11th (or later) Microsoft Patch Tuesday update. I know we already did that too, and I’m cross checking that it was fully deployed.


Read more in:
www.varonis.com: Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
www.darkreading.com: Easily Exploitable Microsoft Visual Studio Bug Opens Developers to Takeover

0 Replies
Reply