QID 91960
Date Published: 2022-11-09
QID 91960: Microsoft Visual Studio Security Updates for November 2022
Microsoft has released security Updates for Visual Studio which resolve Remote Code Execution Vulnerabilities.
Affected Software:
Microsoft Visual Studio 2022 version 17.3
Microsoft Visual Studio 2022 version 17.2
Microsoft Visual Studio 2022 version 17.0
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
QID Detection Logic: Authenticated : Windows
This QID detects vulnerable versions of Microsoft Visual Studio by checking the registry key "HKLM\SOFTWARE\Microsoft" and file "evenv.exe" to check the version of the Visual Studio.
Vulnerable versions of Microsoft Visual Studio are prone to Arbitrary Code Execution.
Solution
Customers are advised to refer to CVE-2022-41119 and CVE-2022-39253 for more information pertaining to this vulnerability.
Vendor References
- CVE-2022-39253 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-39253 - CVE-2022-41119 -
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41119
CVEs related to QID 91960
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| CVE-2022-39253 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-39253 |
||
| CVE-2022-41119 |
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41119 |