released Jan 9th, 2024
Summary of What's New in this Release of Visual Studio 2022 version 17.8.4
Developer Community
- Target Android framework cannot be selected when the target runtime for Android is .NET 8 in .NET MAUI
- The service 'Microsoft.VisualStudio-OLE.Interop.IOleUndoManager' must be installed
- After upgrade to Visual Studio 17.8.0, Interactive REST Tests no longer work
- Visual Studio 2022 Release 17.8 Hovering over variable in debug at breakpoint does not show value
- 17.8 Preview 2 fails to load the IncrediBuild 'Extension Settings' options dialog
- debug single step function does not work anymore in mixed debugger mode and shows error 0x8ede0018
Security Advisories Addressed
- CVE-2024-20656 A vulnerability exists in the VSStandardCollectorService150 service, where local attackers can escalate privileges on hosts where an affected installation of Microsoft Visual Studio is running.
- CVE-2023-32027 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32025 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32026 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-29356 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-32028 This advisory is republished to address a Microsoft SQL OLE DB Remote Code Execution vulnerability in Visual Studio.
- CVE-2023-29349 This advisory is republished to address a Microsoft ODBC and OLE DB Remote Code Execution vulnerability in Visual Studio.
- CVE-2024-0057 A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw.
- CVE-2024-0056 A vulnerability exists in the Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider where an attacker can perform an interception attack (sometimes called a MITM, or man-in-the-middle, attack) between the SQL client and the SQL server.
- CVE-2024-21319 Microsoft is releasing this security advisory to provide information about a vulnerability in the ASP.NET Core project templates.
Source:
Visual Studio 2022 Release Notes
Learn about the latest features, bug fixes, and support for Visual Studio 2022. Download today.
learn.microsoft.com