Check: 2012-A-0042
Windows 7 IAVM:
2012-A-0042
(in version v1 r32)
Title
Microsoft Visual Studio Elevation of Privilege Vulnerability (Cat II impact)
Discussion
Microsoft has released a security bulletin addressing an elevation of privilege vulnerability in Microsoft Visual Studio. Microsoft Visual Studio is an application development environment for Microsoft Windows. To exploit this vulnerability, an attacker would place a malicious add-in in the path used by Visual Studio. When Visual Studio is loaded by an administrator, the malicious add-in would load with the same privileges as the administrator. If successfully exploited, this vulnerability would allow an attacker to execute arbitrary code and compromise the affected system. At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.
Check Content
See IAVM notice and vendor bulletin for additional information. Microsoft Bulletin MS12-021 (2651019).

Vulnerable Applications/Systems: Microsoft Visual Studio 2008 SP1, Microsoft Visual Studio 2010, Microsoft Visual Studio 2010 SP1.

Verify that the patch has been installed by checking that the following sample file is at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems/Applications not listed below.

Sample file | Product | Version |
---|---|---|
Vsaenv.exe | Microsoft Visual Studio 2008 SP1 | 9.0.30729.5797 |
AppenvStub.dll | Microsoft Visual Studio 2010 | 10.0.30319.552 |
AppenvStub.dll | Microsoft Visual Studio 2010 SP1 | 10.0.40219.377 |
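
One way to script the file-version comparison described above, as an added PowerShell example that is not part of the IAVM notice or the vendor bulletin. The function name, the status labels and the mapping from build number to product branch are assumptions; the check does not give file locations, so the caller supplies the path.

```powershell
# Added example. Version floors are the values listed in the check text.
# Written to run on PowerShell 2.0, the version shipped with Windows 7.
$Floors = @{
    'Vsaenv.exe'     = @{ 30729 = [version]'9.0.30729.5797' }
    'AppenvStub.dll' = @{ 30319 = [version]'10.0.30319.552'
                          40219 = [version]'10.0.40219.377' }
}

function Test-MS12021File {
    param([Parameter(Mandatory = $true)][string]$Path)

    $name = [IO.Path]::GetFileName($Path)
    if (-not $Floors.ContainsKey($name)) {
        throw "Not a sample file named in the check: $name"
    }

    $info = [Diagnostics.FileVersionInfo]::GetVersionInfo($Path)
    # Build the version from the numeric parts; the FileVersion string
    # can carry trailing text that does not parse as a version.
    $found = New-Object Version -ArgumentList $info.FileMajorPart,
        $info.FileMinorPart, $info.FileBuildPart, $info.FilePrivatePart

    # Assumption: the build number identifies the servicing branch
    # (30729 = VS 2008 SP1, 30319 = VS 2010, 40219 = VS 2010 SP1).
    $floor = $Floors[$name][$found.Build]

    if (-not $floor)           { $status = 'Review' }       # branch not listed
    elseif ($found -ge $floor) { $status = 'NotAFinding' }  # at or later
    else                       { $status = 'Open' }         # patch missing

    New-Object PSObject -Property @{
        Path = $Path; Found = $found; Required = $floor; Status = $status
    }
}

# Constructed usage: $root is a placeholder for the Visual Studio install
# directory on the system being assessed.
# Get-ChildItem $root -Recurse -Include Vsaenv.exe, AppenvStub.dll `
#     -ErrorAction SilentlyContinue |
#     ForEach-Object { Test-MS12021File $_.FullName }
```

A `Review` result means the file's build number matches none of the three listed products, so the vendor bulletin has to be consulted for that installation.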
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-31891
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |