Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Applies to: All Visual Studio 2013 Update 5 editions except Isolated and Integrated Shells, Build Tools, Remote Tools, and Express for Web.

Summary

An information disclosure vulnerability exists within VSGraphics in Microsoft Visual Studio 2013 when it incorrectly handles objects in memory.

To learn more about the vulnerability, see CVE-2023-27911, CVE-2023-27910, CVE-2023-27909, and CVE-2023-33139.

As part of this update, we are removing .fbx and .dae support. Support for these model formats has been provided by a third-party component (x86) that is no longer supported by the author. Affected users should use the fbx editor.

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

How to obtain and install the update

Method 1: Microsoft Download

The following file is available for download:

Download icon Download the hotfix package now.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website. 

More information

Prerequisites

To apply this security update, you must have Visual Studio 2013 Update 5 installed.

Restart requirement

We recommend that you close Visual Studio 2013 before you install this security update. Otherwise, you may have to restart the computer after you apply this security update if a file that is being updated is open or in use by Visual Studio.

Security update replacement information

This security update doesn't replace other security updates.

File hash information

File name

SHA256 hash

vs12-kb5026454.exe

4b95581184223069ad2e64ddf80e94b02efbcccbe113b66bed85930ed57a0b3e

Installation verification

To verify that this security update is applied correctly, follow these steps:

  1. Open the Visual Studio 2013 program folder.

  2. Locate the VsGraphics.exe and VsGraphicsCore.dll files in the Microsoft Visual Studio 12.0\Common7\IDE\Extensions\Microsoft\VsGraphics folder.

  3. Verify that the file version is equal to or greater than 12.0.40702.0.

If you elected to install the optional component (Tools for Maintaining Store Apps for Windows 8), follow these additional steps:

  1. Locate the VsGraphics.exe and VsGraphicsCore.dll files in the Microsoft Visual Studio 11.0\Common7\IDE\Extensions\Microsoft\VsGraphics folder.

  2. Verify that the file version is equal to or greater than 11.0.61253.402.

Information about protection and security

Protect yourself online: Windows Security support

Learn how we guard against cyber threats: Microsoft Security

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×