logo
DATABASE RESOURCES PRICING ABOUT US

KLA11772 Multiple vulnerabilities in Microsoft Developer Tools

Description

### *Detect date*: 05/12/2020 ### *Severity*: Critical ### *Description*: Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code. ### *Exploitation*: Malware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>). ### *Affected products*: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 ASP.NET Core 3.1 Microsoft .NET Framework 4.6 Microsoft Visual Studio 2019 version 16.5 Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8) Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 4.8 .NET Core 3.1 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 3.5 AND 4.7.2 .NET Core 5.0 .NET Core 2.1 Visual Studio Code Microsoft .NET Framework 3.5 AND 4.8 Microsoft Visual Studio 2019 version 16.0 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 ### *Solution*: Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) ### *Original advisories*: [CVE-2020-1066](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1066>) [CVE-2020-1108](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1108>) [CVE-2020-1161](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1161>) [CVE-2020-1171](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1171>) [CVE-2020-1192](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1192>) ### *Impacts*: ACE ### *Related products*: [Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>) ### *CVE-IDS*: [CVE-2020-1066](<https://vulners.com/cve/CVE-2020-1066>)4.6Warning [CVE-2020-1108](<https://vulners.com/cve/CVE-2020-1108>)5.0Critical [CVE-2020-1161](<https://vulners.com/cve/CVE-2020-1161>)5.0Critical [CVE-2020-1171](<https://vulners.com/cve/CVE-2020-1171>)9.3Critical [CVE-2020-1192](<https://vulners.com/cve/CVE-2020-1192>)9.3Critical ### *KB list*: [4556826](<http://support.microsoft.com/kb/4556826>) [4556813](<http://support.microsoft.com/kb/4556813>) [4556812](<http://support.microsoft.com/kb/4556812>) [4556807](<http://support.microsoft.com/kb/4556807>) [4556406](<http://support.microsoft.com/kb/4556406>) [4556405](<http://support.microsoft.com/kb/4556405>) [4556404](<http://support.microsoft.com/kb/4556404>) [4556403](<http://support.microsoft.com/kb/4556403>) [4556402](<http://support.microsoft.com/kb/4556402>) [4556401](<http://support.microsoft.com/kb/4556401>) [4556400](<http://support.microsoft.com/kb/4556400>) [4556441](<http://support.microsoft.com/kb/4556441>) [4552929](<http://support.microsoft.com/kb/4552929>) [4552926](<http://support.microsoft.com/kb/4552926>) [4552931](<http://support.microsoft.com/kb/4552931>) [4556399](<http://support.microsoft.com/kb/4556399>) [4552928](<http://support.microsoft.com/kb/4552928>) ### *Microsoft official advisories*:


Related