Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer
Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer
12 June 2023
Security researchers have warned about an "easily exploitable" flaw in the Microsoft Visual Studio installer that could be abused by a malicious actor to impersonate a legitimate publisher and distribute malicious extensions.
"A threat actor could impersonate a popular publisher and issue a malicious extension to compromise a targeted system," Varonis researcher Dolev Taler said. "Malicious