KLA10786 Code execution vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in .NET Framework can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted embedded to execute arbitrary code.

Original advisories

CVE-2016-0148

CVE-2016-0145

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-.NET-Framework

CVE list

CVE-2016-0148 high

CVE-2016-0145 critical

KB list

3147461

3147458

3143693

3142045

3142042

3142043

3142041

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Microsoft .NET Framework 3.5.1Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5Microsoft .NET Framework 4.6Microsoft .NET Framework 4.6/4.6.1