Hey everyone! I'm curious if anyone has experienced C++ vulnerabilities popping up recently on Defender or Azure Defender for Cloud this week. I'm hoping to hear about any issues you're facing or solutions you've found!
2 Answers
I've dealt with this issue before (using Qualys, not Defender). I found that often the old records linger in the registry, which is what Qualys uses for detection. A good way to tackle it is to run this command for each old version, since x86 and x64 are different:
"C:\ProgramData\Package Cache\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}\VC redist.x64.exe" /uninstall /quiet /norestart
It generally didn’t affect most users. But I had one funny case of a user complaining that the VC keeps being removed whenever they try installing it back because they were using an old installer from years ago. Their software worked fine with the latest version!
Yep, I saw those vulnerabilities too! I spent about an hour yesterday updating the vulnerable versions and cleaning up anything outdated.
Awesome, good to know! I’ll definitely check that command out, thanks!