Description of the security update for the Diagnostics Hub Standard Collector elevation of privilege vulnerability in Visual Studio 2015 Update 3

Applies to: Visual Studio 2015 Update 3

Summary


An elevation of privilege vulnerability exists if the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file creation in arbitrary locations.

To learn more about the vulnerability, go to CVE-2018-0952.

More information


Remote tools for Visual Studio 2015 Update 3

For more information about updated remote tools for Visual Studio 2015 Update 3, go to the following Microsoft webpage:

Prerequisites

To apply this security update, you must have Visual Studio 2015 Update 3 installed.

Replacement information

This update replaces KB4456688.

How to obtain and install the update


Method 1: Microsoft Download

The following file is available for download:

Download Download the hotfix package now.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
 
Note You must restart your computer before you install this update. 

File information


File information
the English (United States) version of this software update installs files that have the attributes that are listed in the following tables. the dates and the times for these files are listed in Coordinated Universal Time (UTC). the dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.