Update as of 7/30/2018:
A new .NET Framework July 2018 Update has been released that resolves this advisory. We recommend that you install this update on your systems if you experienced the symptoms described in this advisory. If you did not experience these symptoms,
Today, we are releasing the .NET Core July 2018 Update. This update includes .NET Core 1.0.12, .NET Core 1.1.9, .NET Core 2.0.9 and .NET Core 2.1.2.
Security
.NET Core Security Feature Bypass Vulnerability
CVE-2018-8356:
Microsoft is aware of a security feature bypass vulnerability that exists when .NET Core does not correctly validate certificates.
We released .NET Core 2.1.1. This update includes .NET Core SDK 2.1.301, ASP.NET Core 2.1.1 and .NET Core 2.1.1.
See .NET Core 2.1.1 release notes for complete details on the release.
Quality Updates
CLI
[4050c6374] The “pack” command under ‘buildCrossTargeting’ for ‘Microsoft.DotNet.MSBuildSdkResolver’
Last Updated: 6/22/2018
.NET Core 2.0 was released on August 14, 2017. As a non-LTS release, it is supported for 3 months after the next release. .NET Core 2.1 was released on May 30th, 2018. As a result, .NET Core 2.0 will be supported until September 1,
This post describes the container images that we produce and update for you, that you can use with Docker, Kubernetes and other systems. When you are using .NET and Docker together, you are probably using the official .NET container images from Microsoft.
I posted about Using .NET and Docker Together last year. With DockerCon 2018 being this week, it seemed like a great time to give you an update. Since my last post, we’ve enabled a set of Docker workflows with guidance and samples for .NET Core and .NET Framework,
We’re excited to announce the release of .NET Core 2.1. It includes improvements to performance, to the runtime and tools. It also includes a new way to deploy tools as NuGet packages. We’ve added a new primitive type called Span<T> that operates on data without allocations.
Today, we are releasing the May 2018 Preview of Quality Rollup.
Quality and Reliability
This release contains the following quality and reliability improvements.
CLR
Resolves an issue in WindowsIdentity.Impersonate where handles were not being explicitly cleaned up. [581052]
Resolves an issue in deserialization when using a collection,
Today, we are releasing the .NET Core May 2018 Update. This update includes .NET Core 2.1.200 SDK and ASP.NET Core 2.0.8.
Security
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core and .NET native version 2.0.
Today, we are releasing the May 2018 Security and Quality Rollup.
Security
CVE-2018-1039 – Windows Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.
