QID 91895
Date Published: 2022-05-11
QID 91895: Microsoft Visual Studio Security Update for May 2022
Microsoft has released security Updates for Visual Studio which resolves Remote Code Execution and Denial of Service vulnerability.
Affected Software:
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft Visual Studio 2022 Version 17.0
and
Microsoft Visual Studio 2022 Version 17.1
QID Detection Logic: Authenticated
This QID detects vulnerable versions of Microsoft Visual Studio by checking the file version of the Visual Studio.
Microsoft Visual Studio 2019 16.9, 2022 17.0, and 2022 17.1 versions are prone to Denial of Service Vulnerabilities
Solution
Customers are advised to refer to CVE-2022-29117, CVE-2022-29145, and CVE-2022-23267 for more information pertaining to these vulnerabilities.
Vendor References
- CVE-2022-23267 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267 - CVE-2022-29117 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117
- CVE-2022-29145 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145
CVEs related to QID 91895
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| CVE-2022-23267 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267 |
||
| CVE-2022-29117 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117 |
||
| CVE-2022-29145 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145 |
||
| CVE-2022-29148 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29148 |