MS12-021:Visual Studio の脆弱性により、特権が昇格される (2651019)
2012年3月14日
危険度: : 高
CVE識別番号: CVE-2012-0008
概要
(MS12-021) Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)
This security update resolves one privately reported vulnerability in Visual Studio. The vulnerability could allow elevation of privilege if an attacker places a specially crafted add-in in the path used by Visual Studio and convinces a user with higher privileges to start Visual Studio. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
トレンドマイクロの対策
詳しい情報については以下のサイトをご参照ください。
影響を受けるソフトウェア
- Microsoft Visual Studio 2008 Service Pack 1 (KB2669970)
- Microsoft Visual Studio 2010 (KB2644980)
- Microsoft Visual Studio 2010 Service Pack 1 (KB2645410)