Today, we are releasing the .NET February 2023 Updates. These updates contain security and non-security improvements. Your app may be vulnerable if you have not deployed a recent .NET update.
You can download 7.0.3 and 6.0.14 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.
- Installers and binaries: 7.0.3 | 6.0.14
- Release notes: 7.0.3 | 6.0.14 |
- Container images
- Linux packages: 7.0.3 | 6.0.14
- Release feedback/issue
- Known issues: 7.0 | 6.0
Windows Package Manager CLI (winget)
You can now install .NET updates using the Windows Package Manager CLI (winget):
- To install the .NET 7 runtime:
winget install dotnet-runtime-7
- To install the .NET 7 SDK:
winget install dotnet-sdk-7
- To update an existing installation:
winget upgrade
See Install with Windows Package Manager (winget) for more information.
Improvements
- ASP.NET Core: 7.0.3 | 6.0.14
- Entity Framework Core: 7.0.3
- Linker: 7.0.3
- Runtime: 7.0.3 | 6.0.14
- SDK: 7.0.3
- Windows Forms: 7.0.3
Security
CVE-2023-21808 – .NET Remote Code Execution Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in how .NET reads debugging symbols, where reading a malicious symbols file may result in remote code execution.
Visual Studio
See release notes for Visual Studio compatibility for .NET 7.0 and .NET 6.0.
0 comments