QID 91831
Date Published: 2021-11-10
QID 91831: Microsoft Visual Studio Security Update - November 2021
Microsoft has released a security Update for Visual Studio which resolves Elevation of privilege and Remote Code Execution Vulnerabilities.
Affected Software:
Microsoft Visual Studio 2019 prior to version 16.11 (includes 16.0-16.10)
Microsoft Visual Studio 2019 prior to version 16.9 (includes 16.0-16.8)
Microsoft Visual Studio 2019 prior to version 16.7 (includes 16.0-16.6)
Microsoft Visual Studio 2017 prior to version 15.9 (includes 15.0-15.8)
and Microsoft Visual Studio 2015 Update 3
The vulnerable versions of Visual Studio let attackers to perform Elevation of privilege and Remote Code Execution Attacks.
Solution
Customers are advised to refer to CVE-2021-42319, CVE-2021-42277 and, CVE-2021-3711 for more information pertaining to these vulnerabilities.
Vendor References
- CVE-2021-3711 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-3711 - CVE-2021-42277 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42277
- CVE-2021-42319 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42319
CVEs related to QID 91831
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| CVE-2021-3711 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-3711 |
||
| CVE-2021-42277 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42277 |
||
| CVE-2021-42319 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42319 |
||
| KB5007275 |
aka.ms/vs/14/release/5007275 |