We've seen a number of Visual Studio related vulnerabilities, but not seeing many hosts applicable to our VS fixlets

We’ve seen a number of Visual Studio related vulnerabilities, but not seeing many hosts applicable to our VS fixlets.
MS24-OCT: Security Update for Microsoft Visual Studio 2019 version 16.11.41 update - KB4576339
I’m wondering VS is not installed on server then why 4th relevance is Checking is it right or it should be removed from fixlet
exists keys “HKLM\SOFTWARE\Microsoft\VisualStudio\Setup” whose (value “AdministratorUpdatesEnabled” of it as integer = 1 and value “AdministratorUpdatesOptOut” of it as integer = 0) of native registry

I think you’d have to do some more investigation. Is Visual Studio installed? What version?

Visual Studio is not installed on server refer the first QNA whcih are showing as false

Ok then you won’t need to patch it and it correctly is ‘Not Relevant’ based on the relevance that is checking for its installation existence/version.

The last relevance is checking whether Administrative Updates are enabled and whether they are blocked. I’m not sure how that impacts the detection/installation, but if you find a case where you are getting false-negatives because of that clause it may be worth opening a support ticket to investigate.

1 Like