{"id": "SMNTC-106391", "type": "symantec", "bulletinFamily": "software", "title": "Microsoft Visual Studio CVE-2019-0546 Remote Code Execution Vulnerability", "description": "### Description\n\nMicrosoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions.\n\n### Technologies Affected\n\n * Microsoft Visual Studio 2017 15.9 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "published": "2019-01-08T00:00:00", "modified": "2019-01-08T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/106391", "reporter": "Symantec Security Response", "references": [], "cvelist": ["CVE-2019-0546"], "lastseen": "2019-01-09T01:37:08", "viewCount": 5, "enchantments": {"score": {"value": 8.6, "vector": "NONE", "modified": "2019-01-09T01:37:08", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-0546"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814662"]}, {"type": "mscve", "idList": ["MS:CVE-2019-0546"]}, {"type": "nessus", "idList": ["SMB_NT_MS19_JAN_VISUAL_STUDIO.NASL"]}, {"type": "kaspersky", "idList": ["KLA11399"]}, {"type": "talosblog", "idList": ["TALOSBLOG:7E9E33CAB0FFF41F91CB12E204945F7F"]}], "modified": "2019-01-09T01:37:08", "rev": 2}, "vulnersScore": 8.6}, "affectedSoftware": [{"name": "Microsoft Visual Studio", "operator": "eq", "version": "2017 15.9 "}]}

{"cve": [{"lastseen": "2020-10-03T13:38:36", "description": "A remote code execution vulnerability exists in Visual Studio when the C++ compiler improperly handles specific combinations of C++ constructs, aka \"Visual Studio Remote Code Execution Vulnerability.\" This affects Microsoft Visual Studio.", "edition": 4, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-08T21:29:00", "title": "CVE-2019-0546", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0546"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:visual_studio_2017:15.9"], "id": "CVE-2019-0546", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0546", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*"]}], "zdi": [{"lastseen": "2020-06-22T11:41:29", "bulletinFamily": "info", "cvelist": ["CVE-2019-0546"], "description": "This vulnerability allows attackers to execute arbitrary code on executables compiled using vulnerable installations of Microsoft Visual Studio. Attack vectors will vary depending on the nature of the executable in question. The specific flaw exists within the compilation of __asm blocks in Visual C++. Incorrect output produced by the compiler can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process.", "edition": 1, "modified": "2019-06-22T00:00:00", "published": "2019-01-10T00:00:00", "id": "ZDI-19-015", "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-015/", "title": "Microsoft Visual Studio asm Memory Corruption Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2020-08-07T11:48:29", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-0546"], "description": "A remote code execution vulnerability exists in Visual Studio when the C++ compiler improperly handles specific combinations of C++ constructs. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\n\nExploitation of the vulnerability requires that a user open a specially crafted file which was compiled with an affected version of Visual Studio. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted project, or resource file, to the user and convince the user to open the file.\n\nThe security update addresses the vulnerability by correcting how the Visual Studio C++ compiler handles certain C++ constructs.\n", "edition": 2, "modified": "2019-01-08T08:00:00", "id": "MS:CVE-2019-0546", "href": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0546", "published": "2019-01-08T08:00:00", "title": "Visual Studio Remote Code Execution Vulnerability", "type": "mscve", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-06-05T16:27:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0546"], "description": "This host is missing an important security\n update according to Microsoft Security Update January-2019.", "modified": "2020-06-04T00:00:00", "published": "2019-01-18T00:00:00", "id": "OPENVAS:1361412562310814662", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814662", "type": "openvas", "title": "Microsoft Visual Studio Remote Code Execution Vulnerability Jan19", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Visual Studio Remote Code Execution Vulnerability Jan19\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814662\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-0546\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-18 15:11:24 +0530 (Fri, 18 Jan 2019)\");\n script_name(\"Microsoft Visual Studio Remote Code Execution Vulnerability Jan19\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft Security Update January-2019.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists when the Visual Studio C++\n compiler improperly handles specific combinations of C++ constructs.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to run arbitrary code in the context of the current user. If the\n current user is logged on with administrative user rights, an attacker could\n take control of the affected system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Visual Studio 2017 Version 15.9.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0546\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes-v15.9\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_ms_visual_prdts_detect.nasl\");\n script_mandatory_keys(\"Microsoft/VisualStudio/Ver\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nvsVer = get_kb_item(\"Microsoft/VisualStudio/Ver\");\nif(!vsVer || vsVer !~ \"^15\\.\"){\n exit(0);\n}\n\nos_arch = get_kb_item(\"SMB/Windows/Arch\");\nif(!os_arch){\n exit(0);\n}\n\nif(\"x86\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\");\n}\n\nelse if(\"x64\" >< os_arch){\n key_list = make_list(\"SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\",\n \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\");\n}\n\nforeach key (key_list)\n{\n foreach item (registry_enum_keys(key:key))\n {\n vsname = registry_get_sz(key:key + item, item:\"DisplayName\");\n if(vsname =~ \"^Visual Studio.*2017$\")\n {\n vsversion = registry_get_sz(key:key + item, item:\"DisplayVersion\");\n if(!vsversion){\n exit(0);\n }\n\n if(version_is_less(version:vsversion, test_version:\"15.9.28307.280\"))\n {\n report = report_fixed_ver(installed_version:vsversion, fixed_version:\"Visual Studio 2017 version 15.9.28307.280\");\n security_message(data:report);\n exit(0);\n }\n }\n }\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T05:46:05", "description": "The Microsoft Visual Studio Products are missing a security\nupdate. It is, therefore, affected by the following\nvulnerability :\n\n - An information disclosure vulnerability exists when\n Visual Studio improperly discloses arbitrary file\n contents if the victim opens a malicious .vscontent\n file. An attacker who took advantage of this information\n disclosure could view arbitrary file contents from the\n computer where the victim launched Visual Studio. To\n take advantage of the vulnerability, an attacker would\n need to trick a user into opening a malicious .vscontent\n file using a vulnerable version of Visual Studio. An\n attacker would have no way to force a developer to\n produce this information disclosure. The security update\n addresses the vulnerability by correcting how Visual\n Studio loads .vscontent files. (CVE-2019-0537)\n\n - A remote code execution vulnerability exists in Visual\n Studio when the C++ compiler improperly handles specific\n combinations of C++ constructs. An attacker who\n successfully exploited the vulnerability could run\n arbitrary code in the context of the current user. If\n the current user is logged on with administrative user\n rights, an attacker could take control of the affected\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted \n than users who operate with administrative user rights.\n Exploitation of the vulnerability requires that a user \n open a specially crafted file which was compiled with\n an affected version of Visual Studio. In an email\n attack scenario, an attacker could exploit the \n vulnerability by sending a specially crafted project,\n or resource file, to the user and convince the user to\n open the file. (CVE-2019-0546)", "edition": 21, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-10T00:00:00", "title": "Security Updates for Microsoft Visual Studio Products (January 2019)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0546", "CVE-2019-0537"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:microsoft:visual_studio"], "id": "SMB_NT_MS19_JAN_VISUAL_STUDIO.NASL", "href": "https://www.tenable.com/plugins/nessus/121065", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121065);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/10/31 15:18:52\");\n\n script_cve_id(\"CVE-2019-0537\", \"CVE-2019-0546\");\n script_xref(name:\"MSKB\", value:\"4476698\");\n script_xref(name:\"MSKB\", value:\"4476755\");\n script_xref(name:\"MSFT\", value:\"MS19-4476698\");\n script_xref(name:\"MSFT\", value:\"MS19-4476755\");\n script_xref(name:\"IAVA\", value:\"2019-A-0011\");\n\n script_name(english:\"Security Updates for Microsoft Visual Studio Products (January 2019)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Visual Studio Products are missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Visual Studio Products are missing a security\nupdate. It is, therefore, affected by the following\nvulnerability :\n\n - An information disclosure vulnerability exists when\n Visual Studio improperly discloses arbitrary file\n contents if the victim opens a malicious .vscontent\n file. An attacker who took advantage of this information\n disclosure could view arbitrary file contents from the\n computer where the victim launched Visual Studio. To\n take advantage of the vulnerability, an attacker would\n need to trick a user into opening a malicious .vscontent\n file using a vulnerable version of Visual Studio. An\n attacker would have no way to force a developer to\n produce this information disclosure. The security update\n addresses the vulnerability by correcting how Visual\n Studio loads .vscontent files. (CVE-2019-0537)\n\n - A remote code execution vulnerability exists in Visual\n Studio when the C++ compiler improperly handles specific\n combinations of C++ constructs. An attacker who\n successfully exploited the vulnerability could run\n arbitrary code in the context of the current user. If\n the current user is logged on with administrative user\n rights, an attacker could take control of the affected\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted \n than users who operate with administrative user rights.\n Exploitation of the vulnerability requires that a user \n open a specially crafted file which was compiled with\n an affected version of Visual Studio. In an email\n attack scenario, an attacker could exploit the \n vulnerability by sending a specially crafted project,\n or resource file, to the user and convince the user to\n open the file. (CVE-2019-0546)\");\n # https://support.microsoft.com/en-us/help/4476698/information-disclosure-vulnerability-in-visual-studio\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c34adc8e\");\n # https://support.microsoft.com/en-us/help/4476755/description-of-the-security-update-for-the-information-disclosure\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?954b24db\");\n # https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d93e731\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n - KB4476698\n - KB4476755\n - Update 15.9.4 for Visual Studio 2017\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0546\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visual_studio\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\", \"microsoft_visual_studio_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\", \"installed_sw/Microsoft Visual Studio\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\n\n\nget_kb_item_or_exit('installed_sw/Microsoft Visual Studio');\n\nport = kb_smb_transport();\nappname = 'Microsoft Visual Studio';\n\ninstalls = get_installs(app_name:appname, exit_if_not_found:TRUE);\n\nreport = '';\n\nforeach install (installs[1])\n{\n version = install['version'];\n path = install['path'];\n prod = install['Product'];\n\n # VS 2010 SP1\n if (version =~ '^10\\\\.0\\\\.')\n {\n commonfiles = hotfix_get_commonfilesdirx86();\n if (!commonfiles) commonfiles = hotfix_get_commonfilesdir();\n\n if (!commonfiles) audit(AUDIT_PATH_NOT_DETERMINED, 'Common Files');\n if (commonfiles) path = hotfix_append_path(path:commonfiles, value:\"\\microsoft shared\\MSEnv\\\");\n\n fver = hotfix_get_fversion(path:path + \"VSContentInstaller.exe\");\n if (fver['error'] != 0)\n continue;\n if (empty_or_null(fver['value']))\n continue;\n fversion = join(sep:\".\", fver['value']);\n if (ver_compare(ver: fversion, fix: '10.0.40219.501', strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path + \"VSContentInstaller.exe\" +\n '\\n Installed version : ' + fversion +\n '\\n Fixed version : 10.0.40219.501' +\n '\\n';\n }\n }\n # VS 2012 Up5\n else if (version =~ '^11\\\\.0\\\\.')\n {\n commonfiles = hotfix_get_commonfilesdirx86();\n if (!commonfiles) commonfiles = hotfix_get_commonfilesdir();\n\n if (!commonfiles) audit(AUDIT_PATH_NOT_DETERMINED, 'Common Files');\n\n fver = hotfix_get_fversion(path:path+\"VSContentInstaller.exe\");\n if (fver['error'] != 0)\n continue;\n if (empty_or_null(fver['value']))\n continue;\n fversion = join(sep:\".\", fver['value']);\n if (ver_compare(ver: fversion, fix: '11.0.61239.400', strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path + \"VSContentInstaller.exe\" +\n '\\n Installed version : ' + fversion +\n '\\n Fixed version : 11.0.61239.400' +\n '\\n';\n }\n }\n\n # VS 2017 version 15.9\n # On 15.7.5, it asks to update to 15.9.5\n else if (prod == '2017' && version =~ '^15\\\\.[1-9]\\\\.')\n {\n fix = '15.9.28307.280';\n\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n}\n\nif (report != '')\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\nelse\n audit(AUDIT_INST_VER_NOT_VULN, appname);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:52:58", "bulletinFamily": "info", "cvelist": ["CVE-2019-0548", "CVE-2019-0545", "CVE-2019-0564", "CVE-2019-0546", "CVE-2019-0537"], "description": "### *Detect date*:\n01/08/2019\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nMicrosoft Visual Studio 2012 Update 5 \nMicrosoft Visual Studio 2010 Service Pack 1 \nASP.NET Core 2.1 \nASP.NET Core 2.2 \nMicrosoft .NET Framework 3.5.1 \nMicrosoft .NET Framework 3.0 Service Pack 2 \nMicrosoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 3.5 \nMicrosoft .NET Framework 4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 2.0 Service Pack 2 \nMicrosoft .NET Framework 4.7.1/4.7.2 \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 4.7.2 \n.NET Core 2.2 \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2 \nMicrosoft .NET Framework 4.5.2 \n.NET Core 2.1 \nMicrosoft .NET Framework 4.6 \nPowerShell Core 6.2 \nPowerShell Core 6.1 \nMicrosoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-0537](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0537>) \n[CVE-2019-0546](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0546>) \n[CVE-2019-0548](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0548>) \n[CVE-2019-0564](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0564>) \n[CVE-2019-0545](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0545>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2019-0537](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0537>)0.0Unknown \n[CVE-2019-0546](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0546>)0.0Unknown \n[CVE-2019-0548](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0548>)0.0Unknown \n[CVE-2019-0564](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0564>)0.0Unknown \n[CVE-2019-0545](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0545>)0.0Unknown\n\n### *KB list*:\n[4480978](<http://support.microsoft.com/kb/4480978>) \n[4480962](<http://support.microsoft.com/kb/4480962>) \n[4480966](<http://support.microsoft.com/kb/4480966>) \n[4480961](<http://support.microsoft.com/kb/4480961>) \n[4480973](<http://support.microsoft.com/kb/4480973>) \n[4476698](<http://support.microsoft.com/kb/4476698>) \n[4476755](<http://support.microsoft.com/kb/4476755>) \n[4480056](<http://support.microsoft.com/kb/4480056>) \n[4481480](<http://support.microsoft.com/kb/4481480>) \n[4481481](<http://support.microsoft.com/kb/4481481>) \n[4481482](<http://support.microsoft.com/kb/4481482>) \n[4481483](<http://support.microsoft.com/kb/4481483>) \n[4481484](<http://support.microsoft.com/kb/4481484>) \n[4481485](<http://support.microsoft.com/kb/4481485>) \n[4481486](<http://support.microsoft.com/kb/4481486>) \n[4481487](<http://support.microsoft.com/kb/4481487>)\n\n### *Microsoft official advisories*:", "edition": 10, "modified": "2020-07-22T00:00:00", "published": "2019-01-08T00:00:00", "id": "KLA11399", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11399", "title": "\r KLA11399Multiple vulnerabilities in Microsoft Developer Tools ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "talosblog": [{"lastseen": "2019-01-16T10:42:39", "bulletinFamily": "blog", "cvelist": ["CVE-2019-0536", "CVE-2019-0537", "CVE-2019-0538", "CVE-2019-0539", "CVE-2019-0541", "CVE-2019-0542", "CVE-2019-0543", "CVE-2019-0545", "CVE-2019-0546", "CVE-2019-0547", "CVE-2019-0548", "CVE-2019-0549", "CVE-2019-0550", "CVE-2019-0551", "CVE-2019-0552", "CVE-2019-0553", "CVE-2019-0554", "CVE-2019-0555", "CVE-2019-0556", "CVE-2019-0557", "CVE-2019-0558", "CVE-2019-0559", "CVE-2019-0560", "CVE-2019-0561", "CVE-2019-0562", "CVE-2019-0564", "CVE-2019-0565", "CVE-2019-0566", "CVE-2019-0567", "CVE-2019-0568", "CVE-2019-0569", "CVE-2019-0570", "CVE-2019-0571", "CVE-2019-0572", "CVE-2019-0573", "CVE-2019-0574", "CVE-2019-0575", "CVE-2019-0576", "CVE-2019-0577", "CVE-2019-0578", "CVE-2019-0579", "CVE-2019-0580", "CVE-2019-0581", "CVE-2019-0582", "CVE-2019-0583", "CVE-2019-0584", "CVE-2019-0585", "CVE-2019-0586", "CVE-2019-0588"], "description": "[](<http://2.bp.blogspot.com/-ANFCKlpBiis/XDT4w08wP6I/AAAAAAAAFEg/aBxDQqabS3sVdRQE2DZDBJnMFcZIxf7hgCK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg>)\n\n \nMicrosoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated \u201ccritical,\u201d 40 that are considered \u201cimportant\u201d and one that is \u201cmoderate.\u201d This release also includes a critical security advisory for multiple bugs in Adobe Flash Player. \n \nThis month\u2019s security update covers security issues in a variety of Microsoft\u2019s products, including the Jet Database Engine, Office SharePoint and the Chakra Scripting Engine. For coverage of these vulnerabilities, read the SNORT\u24c7 blog post [here](<https://blog.snort.org/2019/01/snort-rule-update-for-jan-8-2019.html>). \n\n\n### Critical vulnerabilities\n\n \nMicrosoft disclosed seven critical vulnerabilities this month, which we will highlight below. \n \n[CVE-2019-0550](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0550>) and [CVE-2019-0551](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0551>) are remote code execution vulnerabilities in Windows Hyper-V, a native hypervisor that can create virtual machines. These bugs exist due to the way a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker could exploit these vulnerabilities by running a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. \n \n[CVE-2019-0539](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0539>), [CVE-2019-0567](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0567>) and [CVE-2019-0568](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0568>) are memory corruption vulnerabilities in the way the Chakra Scripting Engine handles objects in memory on the Microsoft Edge web browser. An attacker could corrupt memory in a way that would allow them to execute code in the context of the current user. In order to trigger this vulnerability, a user would have to visit a specially crafted, malicious web page in Edge. \n \n[CVE-2019-0547](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547>) is a memory corruption vulnerability in the Windows DHCP client that exists when an attacker sends specially crafted DHCP responses to a client. An attacker could gain the ability to run arbitrary code on the client machine if they successfully exploit this vulnerability. \n \n[CVE-2019-0565](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0565>) is a memory corruption vulnerability in Microsoft Edge that occurs when the web browser improperly handles objects in memory. An attacker could corrupt memory in a way that would allow them to execute arbitrary code in the context of the current user. A user would trigger this vulnerability if they visited a specially crafted, malicious web page in Edge. \n\n\n### Important vulnerabilities\n\nThis release also contains 40 important vulnerabilities, four of which we will highlight below. \n \n[CVE-2019-0555](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0555>) is an escalation of privilege vulnerability in the Microsoft XmlDocument class that could allow an attacker to escape the AppContainer sandbox. An attacker could exploit this flaw to gain elevated privileges and break out of the Microsoft Edge AppContainer sandbox. While this vulnerability does not allow arbitrary code to run explicitly, it could be combined with other vulnerabilities to take advantage fo the elevated privileges while running. \n \n[CVE-2019-0572](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0572>), [CVE-2019-0573](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0573>) and [CVE-2019-0574](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0574>) are elevation of privilege vulnerabilities in Windows Data Sharing that lie in the way the service improperly handles file operations. An attacker could exploit this vulnerability by running a specially crafted application to gain the ability to run processes in an elevated context. \n \n\n\n * [CVE-2019-0536](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0536>)\n * [CVE-2019-0537](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0537>)\n * [CVE-2019-0538](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0538>)\n * [CVE-2019-0541](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0541>)\n * [CVE-2019-0542](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0542>)\n * [CVE-2019-0543](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0543>)\n * [CVE-2019-0545](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0545>)\n * [CVE-2019-0548](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0548>)\n * [CVE-2019-0549](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0549>)\n * [CVE-2019-0552](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0552>)\n * [CVE-2019-0553](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0553>)\n * [CVE-2019-0554](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0554>)\n * [CVE-2019-0556](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0556>)\n * [CVE-2019-0557](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0557>)\n * [CVE-2019-0558](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0558>)\n * [CVE-2019-0559](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0559>)\n * [CVE-2019-0560](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0560>)\n * [CVE-2019-0561](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0561>)\n * [CVE-2019-0562](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0562>)\n * [CVE-2019-0564](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0564>)\n * [CVE-2019-0566](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0566>)\n * [CVE-2019-0569](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0570>)\n * [CVE-2019-0570](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0570>)\n * [CVE-2019-0571](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0571>)\n * [CVE-2019-0575](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0575>)\n * [CVE-2019-0576](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0576>)\n * [CVE-2019-0577](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577>)\n * [CVE-2019-0578](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0578>)\n * [CVE-2019-0579](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0579>)\n * [CVE-2019-0580](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0580>)\n * [CVE-2019-0581](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0581>)\n * [CVE-2019-0582](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0582>)\n * [CVE-2019-0583](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0583>)\n * [CVE-2019-0584](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0584>)\n * [CVE-2019-0585](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585>)\n * [CVE-2019-0586](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0586>)\n * [CVE-2019-0588](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588>)\n \n\n\n### Moderate\n\nThe only moderate vulnerability in this release is [CVE-2019-0546](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0546>), a remote code execution vulnerability in Microsoft Visual Studio. \n\n\n### Coverage \n\nIn response to these vulnerability disclosures, Talos is releasing the following SNORT\u24c7 rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort rules: 48768 - 48770, 48773 - 48780, 48783, 48787 - 48790, 48793 - 48795, 48798, 48807 - 48810, 48876 \n\n\n \n\n\n", "modified": "2019-01-08T20:24:36", "published": "2019-01-08T11:40:00", "id": "TALOSBLOG:7E9E33CAB0FFF41F91CB12E204945F7F", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/ytwyhglUyOk/microsoft-patch-tuesday-january-2019.html", "type": "talosblog", "title": "Microsoft Patch Tuesday \u2014 January 2019: Vulnerability disclosures and Snort coverage", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}