Eng en

Select Country or Region

Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

You are here: Threats Vulnerability protection Microsoft Microsoft Visual Studio vulnerability could allow escalation of privilege

Vulnerability protection

Microsoft Visual Studio vulnerability could allow escalation of privilege


Report ID: MS201203005
Date Published: 14 March 2012

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: local-system

Affected Product/Component:

Microsoft Visual Studio 2008
Microsoft Visual Studio 2010




Summary

A vulnerability in Microsoft Visual Studio could allow an attacker to execute arbitrary code with escalated privileges.



Detailed Description

Microsoft has issued a security update for Visual Studio to resolve a vulnerability that could be exploited to take control of an affected system. The vulnerability exists when loading add-ins from insecure file locations. Upon successful exploit, an attacker could execute arbitrary code with elevated privileges.

This vulnerability has been fixed in the update by correcting the way Visual Studio restricts where add-ins are loaded. Users are recommended to install this update as a protection againsts potential exploit.



CVE Reference

CVE-2012-0008



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-021)



Source

Microsoft Security Bulletin MS12-021



F-Secure Health Check



Health Check

 
Evaluate your computer's security and see recommended updates for popular programs.

 

Try it

Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.

 

Read F-Secure advisories