Today, we are releasing the July 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update for .NET Framework.
Security
CVE-2019-1006 – WCF/WIF SAML Token Authentication Bypass Vulnerability
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, the WIF 1.0 component in Windows, the WIF NuGet package, and the WIF implementation in SharePoint. An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key.
This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.
CVE-2019-1083 – .NET Denial of Service Vulnerability
A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET application.
The update addresses the vulnerability by correcting how the .NET web application handles web requests.
CVE-2019-1113 – .NET Framework Remote Code Execution Vulnerability
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of .NET Framework. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
The security update addresses the vulnerability by correcting how .NET Framework checks the source markup of a file.
Getting the Update
The Cumulative Update and Security and Quality Rollup are available via Windows Update, Windows Server Update Services, Microsoft Update Catalog, and Docker. The Security Only Update is available via Windows Server Update Services and Microsoft Update Catalog.
Microsoft Update Catalog
You can get the update via the Microsoft Update Catalog. For Windows 10, .NET Framework 4.8 updates are available via Windows Update, Windows Server Update Services, and Microsoft Update Catalog. Updates for other versions of .NET Framework are part of the Windows 10 Monthly Cumulative Update.
The following table is for Windows 10 and Windows Server 2016+ versions.
Product Version | Cumulative Update |
---|---|
Windows 10 1903 (May 2019 Update) | 4506991 |
.NET Framework 3.5, 4.8 | Catalog 4506991 |
Windows 10 1809 (October 2018 Update) Windows Server 2019 | 4507419 |
.NET Framework 3.5, 4.7.2 | Catalog 4506998 |
.NET Framework 3.5, 4.8 | Catalog 4506990 |
Windows 10 1803 (April 2018 Update) | 4506989 |
.NET Framework 3.5, 4.7.2 | Catalog 4507435 |
.NET Framework 4.8 | Catalog 4506989 |
Windows 10 1709 (Fall Creators Update) | 4506988 |
.NET Framework 3.5, 4.7.1, 4.7.2 | Catalog 4507455 |
.NET Framework 4.8 | Catalog 4506988 |
Windows 10 1703 (Creators Update) | 4506987 |
.NET Framework 3.5, 4.7, 4.7.1, 4.7.2 | Catalog 4507450 |
.NET Framework 4.8 | Catalog 4506987 |
Windows 10 1607 (Anniversary Update) Windows Server 2016 | 4498141 |
.NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog 4507460 |
.NET Framework 4.8 | Catalog 4506986 |
Windows 10 1507 | 4507458 |
.NET Framework 3.5, 4.6, 4.6.1, 4.6.2 | Catalog 4507458 |
The following table is for earlier Windows and Windows Server versions.
Product Version | Security and Quality Rollup | Security Only Update |
---|---|---|
Windows 8.1 Windows RT 8.1 Windows Server 2012 R2 | Catalog 4507422 | Catalog 4507413 |
.NET Framework 3.5 | Catalog 4507005 | Catalog 4506977 |
.NET Framework 4.5.2 | Catalog 4506999 | Catalog 4506964 |
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog 4506996 | Catalog 4506962 |
.NET Framework 4.8 | Catalog 4506993 | Catalog 4506955 |
Windows Server 2012 | Catalog 4507421 | Catalog 4507412 |
.NET Framework 3.5 | Catalog 4507002 | Catalog 4506974 |
.NET Framework 4.5.2 | Catalog 4507000 | Catalog 4506965 |
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog 4506995 | Catalog 4506961 |
.NET Framework 4.8 | Catalog 4506992 | Catalog 4506954 |
Windows 7 SP1 Windows Server 2008 R2 SP1 | Catalog 4507420 | Catalog 4507411 |
.NET Framework 3.5.1 | Catalog 4507004 | Catalog 4506976 |
.NET Framework 4.5.2 | Catalog 4507001 | Catalog 4506966 |
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog 4506997 | Catalog 4506963 |
.NET Framework 4.8 | Catalog 4506994 | Catalog 4506956 |
Windows Server 2008 | Catalog 4507423 | Catalog 4507414 |
.NET Framework 2.0, 3.0 | Catalog 4507003 | Catalog 4506975 |
.NET Framework 4.5.2 | Catalog 4507001 | Catalog 4506966 |
.NET Framework 4.6 | Catalog 4506997 | Catalog 4506963 |
Docker Images
We will be updating the following .NET Framework container images later today:
- microsoft-dotnet-framework-sdk
- microsoft-dotnet-framework-aspnet
- microsoft-dotnet-framework-runtime
- microsoft-dotnet-framework-wcf
- microsoft-dotnet-framework-samples
Note: You must re-pull base images in order to get updates. The Docker client does not pull updates automatically.
Previous Monthly Rollups
The last few .NET Framework Monthly updates are listed below for your convenience:
Do you guys still monitor dotnet issues? There never seems to be much engagement regarding possible reported bugs. https://github.com/microsoft/dotnet/issues/1015