Vulnerability Management, Threat Management

Microsoft Visual Studio installer flaw discovered

Varonis researchers have discovered that the Microsoft Visual Studio installer is impacted by an already addressed vulnerability that could be easily leveraged to facilitate malicious extension deployment, The Hacker News reports. Threat actors could exploit the flaw, tracked as CVE-2023-28299, to spoof publishers' digital signatures, evade certain user restrictions, and include newline characters in the Visual Studio Extension file, to lure developers into installing malicious extensions that could facilitate data theft, code access and modifications, and total system takeovers, according to a Varonis report. Attacks could be enabled by phishing emails with the spoofed Visual Studio Extension masked as a software update that would enable initial compromise upon installation and later allow more extensive network control and data exfiltration activities. "The low complexity and privileges required make this exploit easy to weaponize. Threat actors could use this vulnerability to issue spoofed malicious extensions with the intention of compromising systems," said researcher Dolev Taler.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.