April 2015 .NET Security Updates

The .NET Fundamentals Team

The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle.

Microsoft Security Bulletin MS15-041 – Important, Vulnerability in .NET Framework Could Allow Information Disclosure (3048010

This update resolves a vulnerability in the Microsoft .NET Framework that could allow information disclosure if an attacker sends a specially crafted web request to an affected server that has custom error messages disabled. An attacker who successfully exploits the vulnerability would be able to view parts of a web configuration file that could expose sensitive information.

This security update is rated Important for Microsoft .NET Framework 1.1 Service Pack 1, Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4, Microsoft .NET Framework 4.5, Microsoft .NET Framework 4.5.1, and Microsoft .NET Framework 4.5.2 on affected releases of Microsoft Windows.

More details about the versions affected by this vulnerability can be found in the security bulletin MS15-041.

How to obtain help and support for this security update



Discussion is closed.

Feedback usabilla icon