Software-update: Visual Studio 2022 17.8.4

Microsoft heeft versie 17.8.4 van Visual Studio 2022 uitgebracht, een versie met extra lange ondersteuning. Deze populaire programmeerontwikkelomgeving, verkrijgbaar in de smaken Community, Professional en Enterprise, beschikt over handige opties om het programmeren in onder andere Visual C++, Visual Basic, C#, F# en Python gemakkelijker te maken. De nieuwe versie is volledig 64bit en heeft een vereenvoudigde gebruikersinterface. Meer informatie over versie 17.8 is op deze pagina van Microsoft te vinden. De changelog voor versie 17.8.4 ziet er als volgt uit:

Developer Community

• Target Android framework cannot be selected when the target runtime for Android is .NET 8 in .NET MAUI
• The service 'Microsoft.VisualStudio.OLE.Interop.IOleUndoManager' must be installed
• After upgrade to Visual Studio 17.8.0, Interactive REST Tests no longer work
• Visual Studio 2022 Release 17.8 Hovering over variable in debug at breakpoint does not show value
• 17.8 Preview 2 fails to load the IncrediBuild 'Extension Settings' options dialog
• debug single step function does not work anymore in mixed debugger mode and shows error 0x8ede0018

Security Advisories Addressed

• CVE-2024-20656 A vulnerability exists in the VSStandardCollectorService150 service, where local attackers can escalate privileges on hosts where an affected installation of Microsoft Visual Studio is running.
• CVE-2023-32027 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
• CVE-2023-32025 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
• CVE-2023-32026 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
• CVE-2023-29356 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
• CVE-2023-32028 This advisory is republished to address a Microsoft SQL OLE DB Remote Code Execution vulnerability in Visual Studio.
• CVE-2023-29349 This advisory is republished to address a Microsoft ODBC and OLE DB Remote Code Execution vulnerability in Visual Studio.
• CVE-2024-0057 A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw.
• CVE-2024-0056 A vulnerability exists in the Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider where an attacker can perform an interception attack (sometimes called a MITM, or man-in-the-middle, attack) between the SQL client and the SQL server.
• CVE-2024-21319 Microsoft is releasing this security advisory to provide information about a vulnerability in the ASP.NET Core project templates.