Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5026454
HistoryJun 13, 2023 - 7:00 a.m.

Description of the security update for the information disclosure vulnerability in Microsoft Visual Studio 2013 Update 5: June 13, 2023 (KB5026454)

2023-06-1307:00:00
Microsoft
support.microsoft.com
40
microsoft visual studio
information disclosure
vulnerability
update
.fbx
.dae
security update
microsoft security

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON

Description of the security update for the information disclosure vulnerability in Microsoft Visual Studio 2013 Update 5: June 13, 2023 (KB5026454)

**Applies to:**All Visual Studio 2013 Update 5 editions except Isolated and Integrated Shells, Build Tools, Remote Tools, and Express for Web.

Summary

An information disclosure vulnerability exists within VSGraphics in Microsoft Visual Studio 2013 when it incorrectly handles objects in memory.To learn more about the vulnerability, see CVE-2023-27911, CVE-2023-27910, CVE-2023-27909, and CVE-2023-33139.As part of this update, we are removing .fbx and .dae support. Support for these model formats has been provided by a third-party component (x86) that is no longer supported by the author. Affected users should use the fbx editor.

__

Third-party information disclaimer

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

How to obtain and install the update

Method 1: Microsoft Download

The following file is available for download:Download icon Download the hotfix package now.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

More information

Prerequisites

To apply this security update, you must have Visual Studio 2013 Update 5 installed.

Restart requirement

We recommend that you close Visual Studio 2013 before you install this security update. Otherwise, you may have to restart the computer after you apply this security update if a file that is being updated is open or in use by Visual Studio.

Security update replacement information

This security update doesn’t replace other security updates.

File hash information

File name SHA256 hash
vs12-kb5026454.exe 4b95581184223069ad2e64ddf80e94b02efbcccbe113b66bed85930ed57a0b3e

Installation verification

To verify that this security update is applied correctly, follow these steps:

  1. Open the Visual Studio 2013 program folder.
  2. Locate the VsGraphics.exe and VsGraphicsCore.dll files in the Microsoft Visual Studio 12.0\Common7\IDE\Extensions\Microsoft\VsGraphics folder.
  3. Verify that the file version is equal to or greater than 12.0.40702**.0**.
    If you elected to install the optional component (Tools for Maintaining Store Apps for Windows 8), follow these additional steps:
  4. Locate the VsGraphics.exe and VsGraphicsCore.dll files in the Microsoft Visual Studio 11.0\Common7\IDE\Extensions\Microsoft\VsGraphics folder.
  5. Verify that the file version is equal to or greater than 11**.0.61253.402**.

Information about protection and security

Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

Related

mskb 1
nessus 4
kaspersky 3
zdi 2
cvelist 4
cve 4
prion 4
nvd 4
mscve 4
openvas 2
rapid7blog 1
avleonov 1
mskb
mskb
Description of the security update for the information disclosure vulnerability in Microsoft Visual Studio 2015 Update 3: June 13, 2023 (KB5026455)
2023-06-13 07:00:00
nessus
nessus
Autodesk FBX-SDK library < 2020.3.4 Multiple Vulnerabilities (ADSK-SA-2023-0004)
2023-04-06 00:00:00
Security Updates for Microsoft Visual Studio Products (June 2023)
2023-06-13 00:00:00
Security Updates for Microsoft Office Products C2R Multiple Vulnerabilities (September 2023)
2023-09-13 00:00:00
kaspersky
kaspersky
KLA60730 Multiple vulnerabilities in Microsoft Apps
2023-06-13 00:00:00
KLA50317 Multiple vulnerabilities in Microsoft Developer Tools
2023-06-13 00:00:00
KLA50318 Multiple vulnerabilities in Microsoft Office
2023-06-13 00:00:00
zdi
zdi
Microsoft Office Word FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2023-09-12 00:00:00
(0Day) Microsoft 3D Viewer FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2023-05-31 00:00:00
cvelist
cvelist
CVE-2023-27909
2023-04-17 00:00:00
CVE-2023-33139 Visual Studio Information Disclosure Vulnerability
2023-06-13 23:25:55
CVE-2023-27910
2023-04-17 00:00:00
cve
cve
CVE-2023-27910
2023-04-17 21:15:07
CVE-2023-33139
2023-06-14 00:15:12
CVE-2023-27911
2023-04-17 21:15:07
prion
prion
Information disclosure
2023-06-14 00:15:00
Stack overflow
2023-04-17 21:15:00
Information disclosure
2023-04-17 21:15:00
nvd
nvd
CVE-2023-27911
2023-04-17 21:15:07
CVE-2023-33139
2023-06-14 00:15:12
CVE-2023-27910
2023-04-17 21:15:07
mscve
mscve
AutoDesk: CVE-2023-27910 stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior
2023-06-13 07:00:00
AutoDesk: CVE-2023-27909 Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK 2020 or prior
2023-06-13 07:00:00
Visual Studio Information Disclosure Vulnerability
2023-06-13 07:00:00
openvas
openvas
Microsoft Office 2019 Multiple Vulnerabilities (Sep 2023) - Mac OS X
2023-09-14 00:00:00
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Sep 2023)
2023-09-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2023
2023-06-13 20:49:27
avleonov
avleonov
Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP
2023-06-25 00:35:58

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON
Related for KB5026454
mskb1nessus4kaspersky3zdi2cvelist4cve4prion4nvd4mscve4openvas2rapid7blog1avleonov1