Jamf Nation Community

SeanA · ‎05-31-2017

I have a task to package the Microsoft Visual Studio for Mac Security Update that was mentioned in the release notes of the April 2017 Security Update Guide, though, so far, I am unable to find a download link for the update/patch.

I have looked in the Security Update Guide, even downloaded the Excel spreadsheet that contained the information and CVE's for all the security updates, though I am not finding any evidence of a update/patch for Microsoft Visual Studio for Mac

What am I missing here?
Thanks in advance.

SeanA · ‎11-02-2017

To answer my own question here, the vulnerability cited is actually with the Mono Frameworks within Visual Studio (though Mono Frameworks can be installed from outside Visual Studio for Mac as well).

The Mono Framework is an open source implementation of Microsoft’s .NET Framework.

The vulnerability is CVE-2013-6629 and is caused by a libjpeg issue where it incorrectly handles certain memory operations. If exploited, a remote attacker could use this issue to possibly expose sensitive information with a crafted JPEG image.

Mono Framework webpage indicates 4.8.1.0 is the patched version for this vulnerability.

View solution in original post

SeanA · ‎11-02-2017

To answer my own question here, the vulnerability cited is actually with the Mono Frameworks within Visual Studio (though Mono Frameworks can be installed from outside Visual Studio for Mac as well).

The Mono Framework is an open source implementation of Microsoft’s .NET Framework.

The vulnerability is CVE-2013-6629 and is caused by a libjpeg issue where it incorrectly handles certain memory operations. If exploited, a remote attacker could use this issue to possibly expose sensitive information with a crafted JPEG image.

Mono Framework webpage indicates 4.8.1.0 is the patched version for this vulnerability.

Jamf Nation Community

Where is the Microsoft Visual Studio for Mac Security Update (April 2017) ?