0
0

[–] derram ago 

https://archive.fo/SoyaE :

Microsoft Visual Studio C++ Runtime installers were built to fail • The Register

'Security researcher Stefan Kanthak claims that the Microsoft Visual C++ Redistributable for Visual Studio 2017 executable installers (x86 and x64) were built with insecure tools from several years ago, creating a vulnerability that could allow privilege escalation. '

'He said, "Whatever Microsoft said: It's COMPLETE BULLSHIT, and a BLATANT LIE! CVE-2018-0952 fixes an UNRELATED vulnerability in Visual Studio. '

'THERE IS NO FIX FOR INSTALLERS BUILT WITH WIX TOOLSET!" [His capitals - Ed]Kanthak said he informed Mensching at FireGiant about this problem three years ago. ', "DLL hijacking allows malware that's next to an executable in a directory to be loaded when the executable runs."

'Kanthak said he disclosed the issue to Microsoft, as he has multiple times for related flaws over the past two decades. '


This has been an automated message.