8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.064 Low
EPSS
Percentile
93.6%
12/10/2019
Critical
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.
Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)
Microsoft Visual Studio 2019 version 16.0
Microsoft Visual Studio 2017 version 15.0
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
Microsoft Visual Studio Live Share extension
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2019-1352
CVE-2019-1351
CVE-2019-1387
CVE-2019-1350
CVE-2019-1354
CVE-2019-1486
CVE-2019-1349
ACE
CVE-2019-13529.3Critical
CVE-2019-13515.0Warning
CVE-2019-13876.8High
CVE-2019-13509.3Critical
CVE-2019-13549.3Critical
CVE-2019-14865.8High
CVE-2019-13499.3Critical
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1486
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1349
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1350
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1351
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1352
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1354
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1387
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1486
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.064 Low
EPSS
Percentile
93.6%