CVE-2019-1211

Name of the Vulnerable Software and Affected Versions Microsoft Visual Studio (affected versions not specified) Git for Visual Studio (affected versions not specified)

Description The issue is related to errors in privilege management in the Git component of Microsoft Visual Studio. It allows an attacker to elevate their privileges. An attacker who successfully exploits the issue could execute code in the context of another local user. To exploit, an authenticated attacker would need to modify Git configuration files on a system and then convince another user to execute specific Git commands.

Recommendations For Microsoft Visual Studio, update the software to change the permissions required to edit configuration files. For Git for Visual Studio, update the software to change the permissions required to edit configuration files. As a temporary workaround, consider restricting access to Git configuration files to minimize the risk of exploitation.