Jul 2018:
CVE-2018-8172 Published on July 11, 2018

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.

NVD

Products Associated with CVE-2018-8172

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Expression Blend

Microsoft Visual Studio

Microsoft Visual Studio 2017

Affected Versions

Microsoft Visual Studio:

Version 2010 Service Pack 1 is affected.
Version 2012 Update 5 is affected.
Version 2013 Update 5 is affected.
Version 2015 Update 3 is affected.
Version 2017 is affected.
Version 2017 Version 15.7.5 is affected.
Version 2017 Version 15.8 Preview is affected.

Microsoft Expression Blend 4:

Version Service Pack 3 is affected.

Exploit Probability

EPSS

20.76%

Percentile

95.54%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jul 2018: CVE-2018-8172 Published on July 11, 2018

Products Associated with CVE-2018-8172

Affected Versions

Exploit Probability

Jul 2018:
CVE-2018-8172 Published on July 11, 2018