CVE-2019-0809

CVE-2019-0809 affects the Visual Studio C++ Redistributable Installer. The vulnerability arises from improper validation of input before loading DLLs, enabling remote code execution in the context of the current user. Exploitation requires the attacker to place a malicious DLL on the target syste...

Microsoft Patches Two Win32k Bugs Under Active Attack

Microsoft released patches for two Win32k bugs actively under attack, along with fixes for four additional bugs that are publicly known, as part of its March Patch Tuesday security bulletin. The Win32k bugs are both elevation of privilege vulnerabilities, rated important, and tied to the way...

KLA11433 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A tampering vulnerability in NuGet Package Manager can be exploited remotely to spoo...

Security Updates for Microsoft Visual Studio Products (March 2019)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library DLL...