.NET Framework July 2019 Security and Quality Rollup


Brett

Today, we are releasing the July 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update for .NET Framework.

Security

CVE-2019-1006 – WCF/WIF SAML Token Authentication Bypass Vulnerability

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF): a SAML token signed with an arbitrary symmetric key is accepted as valid. This allows an attacker to impersonate another user, which can lead to elevation of privilege. The vulnerability affects WCF and WIF 3.5 and later in .NET Framework, the WIF 1.0 component in Windows, the WIF NuGet package, and the WIF implementation in SharePoint. An unauthenticated attacker can exploit it by signing a SAML token with a symmetric key of their own choosing and presenting that token to an affected service.

This security update addresses the issue by ensuring that all versions of WCF and WIF correctly validate the key used to sign SAML tokens.

CVE-2019-1006
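The paragraph above describes the bug class but not the code path, so the following is an added illustration, not WIF or WCF source code: a toy token verifier in PowerShell (using the .NET HMACSHA256 class) that models what "accepting a token signed with an arbitrary symmetric key" means next to the hardened behaviour of resolving the signing key only from a configured trust store. The key names, key bytes and claims are constructed for this example.

```powershell
# Added illustration, not WIF or WCF source code: a toy token verifier that models
# the class of bug described for CVE-2019-1006.  A "token" here is a claims string,
# the name of the key that signed it, and an HMAC-SHA256 signature.  The vulnerable
# verifier trusts whatever symmetric key material arrives with the token; the hardened
# verifier resolves the key name against a configured trust store and rejects anything
# else.  Key names, key bytes and claims are constructed for this example.

$Utf8 = [System.Text.Encoding]::UTF8

# Constructed trust store: the only symmetric keys this relying party accepts.
# In a real deployment it comes from configuration, never from the token.
$TrustedKeys = @{
    'issuer-key-2019' = $Utf8.GetBytes('correct-horse-battery-staple')
}

function Get-HmacSha256 {
    param([byte[]]$Key, [string]$Data)
    $hmac = [System.Security.Cryptography.HMACSHA256]::new($Key)
    try     { return ,$hmac.ComputeHash($Utf8.GetBytes($Data)) }
    finally { $hmac.Dispose() }
}

function Test-BytesEqual {
    # Constant-time comparison so the verifier does not leak how many bytes matched.
    param([byte[]]$A, [byte[]]$B)
    if ($A.Length -ne $B.Length) { return $false }
    $diff = 0
    for ($i = 0; $i -lt $A.Length; $i++) { $diff = $diff -bor ($A[$i] -bxor $B[$i]) }
    return ($diff -eq 0)
}

function New-Token {
    # Issue a token over $Claims.  $KeyName is the token's own statement of which key
    # signed it; $Key is carried alongside only so the vulnerable path below has
    # attacker-supplied key material to trust.
    param([string]$Claims, [string]$KeyName, [byte[]]$Key)
    $payload = "claims=$Claims;keyname=$KeyName"
    return [pscustomobject]@{
        Payload     = $payload
        KeyName     = $KeyName
        KeyMaterial = $Key
        Signature   = Get-HmacSha256 -Key $Key -Data $payload
    }
}

function Test-TokenVulnerable {
    # Bug pattern: the signature is checked with the key the token itself supplies,
    # so a token signed with any symmetric key "verifies".
    param($Token)
    $expected = Get-HmacSha256 -Key $Token.KeyMaterial -Data $Token.Payload
    return Test-BytesEqual -A $expected -B $Token.Signature
}

function Test-TokenHardened {
    # Fix pattern: the key name must resolve to a configured trusted key, and the
    # signature is checked only against that key.
    param($Token)
    if (-not $TrustedKeys.ContainsKey($Token.KeyName)) { return $false }
    $expected = Get-HmacSha256 -Key $TrustedKeys[$Token.KeyName] -Data $Token.Payload
    return Test-BytesEqual -A $expected -B $Token.Signature
}

# A legitimate token from the configured issuer, and a forged one signed with a key
# that nobody configured.
$good   = New-Token -Claims 'user=alice' -KeyName 'issuer-key-2019' -Key $TrustedKeys['issuer-key-2019']
$forged = New-Token -Claims 'user=admin' -KeyName 'attacker-key'    -Key $Utf8.GetBytes('anything-at-all')

'vulnerable verifier: good={0} forged={1}' -f (Test-TokenVulnerable $good), (Test-TokenVulnerable $forged)
'hardened verifier:   good={0} forged={1}' -f (Test-TokenHardened $good), (Test-TokenHardened $forged)
```

Running the script shows the vulnerable verifier accepting both tokens, because it lets the forged token nominate its own key, while the hardened verifier accepts only the token whose key name resolves to the configured issuer key. The point to carry over to real deployments is the same one the fix makes: the set of acceptable signing keys is a property of the relying party's configuration, and nothing inside the token may add to it.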


CVE-2019-1083 – .NET Denial of Service Vulnerability

A denial of service vulnerability exists when the Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote, unauthenticated attacker could exploit it by issuing specially crafted requests to the .NET application.

The update addresses the vulnerability by correcting how .NET web applications handle web requests.

CVE-2019-1083


CVE-2019-1113 – .NET Framework Remote Code Execution Vulnerability

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of .NET Framework. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.

The security update addresses the vulnerability by correcting how .NET Framework checks the source markup of a file.

CVE-2019-1113


Getting the Update

The Cumulative Update and Security and Quality Rollup are available via Windows Update, Windows Server Update Services, Microsoft Update Catalog, and Docker. The Security Only Update is available via Windows Server Update Services and Microsoft Update Catalog.


Microsoft Update Catalog

You can get the update via the Microsoft Update Catalog. For Windows 10, .NET Framework 4.8 updates are available via Windows Update, Windows Server Update Services, and the Microsoft Update Catalog. Updates for other versions of .NET Framework are part of the Windows 10 Monthly Cumulative Update.


The following table is for Windows 10 and Windows Server 2016+ versions.

Product Version                                     Cumulative Update
Windows 10 1903 (May 2019 Update)                   4506991
  .NET Framework 3.5, 4.8                           Catalog 4506991
Windows 10 1809 (October 2018 Update),
Windows Server 2019                                 4507419
  .NET Framework 3.5, 4.7.2                         Catalog 4506998
  .NET Framework 3.5, 4.8                           Catalog 4506990
Windows 10 1803 (April 2018 Update)                 4506989
  .NET Framework 3.5, 4.7.2                         Catalog 4507435
  .NET Framework 4.8                                Catalog 4506989
Windows 10 1709 (Fall Creators Update)              4506988
  .NET Framework 3.5, 4.7.1, 4.7.2                  Catalog 4507455
  .NET Framework 4.8                                Catalog 4506988
Windows 10 1703 (Creators Update)                   4506987
  .NET Framework 3.5, 4.7, 4.7.1, 4.7.2             Catalog 4507450
  .NET Framework 4.8                                Catalog 4506987
Windows 10 1607 (Anniversary Update),
Windows Server 2016                                 4498141
  .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2      Catalog 4507460
  .NET Framework 4.8                                Catalog 4506986
Windows 10 1507                                     4507458
  .NET Framework 3.5, 4.6, 4.6.1, 4.6.2             Catalog 4507458


The following table is for earlier Windows and Windows Server versions.

Product Version                                          Security and Quality Rollup   Security Only Update
Windows 8.1, Windows RT 8.1, Windows Server 2012 R2      Catalog 4507422               Catalog 4507413
  .NET Framework 3.5                                     Catalog 4507005               Catalog 4506977
  .NET Framework 4.5.2                                   Catalog 4506999               Catalog 4506964
  .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2    Catalog 4506996               Catalog 4506962
  .NET Framework 4.8                                     Catalog 4506993               Catalog 4506955
Windows Server 2012                                      Catalog 4507421               Catalog 4507412
  .NET Framework 3.5                                     Catalog 4507002               Catalog 4506974
  .NET Framework 4.5.2                                   Catalog 4507000               Catalog 4506965
  .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2    Catalog 4506995               Catalog 4506961
  .NET Framework 4.8                                     Catalog 4506992               Catalog 4506954
Windows 7 SP1, Windows Server 2008 R2 SP1                Catalog 4507420               Catalog 4507411
  .NET Framework 3.5.1                                   Catalog 4507004               Catalog 4506976
  .NET Framework 4.5.2                                   Catalog 4507001               Catalog 4506966
  .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2    Catalog 4506997               Catalog 4506963
  .NET Framework 4.8                                     Catalog 4506994               Catalog 4506956
Windows Server 2008                                      Catalog 4507423               Catalog 4507414
  .NET Framework 2.0, 3.0                                Catalog 4507003               Catalog 4506975
  .NET Framework 4.5.2                                   Catalog 4507001               Catalog 4506966
  .NET Framework 4.6                                     Catalog 4506997               Catalog 4506963
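The tables above list the package numbers but not how to tell which one a given machine needs or whether it is already installed. The following PowerShell is an added example, not part of the original post: it reads the installed .NET Framework 4.x release and checks the local hotfix list against the KB numbers from the tables. The KB numbers are copied from this post; the Release-value thresholds are the minimum values Microsoft documents for each .NET Framework version. It assumes Windows PowerShell 5.1 or PowerShell 7 on Windows.

```powershell
# Added example (not from the original post): report the installed .NET Framework 4.x
# release on this machine and check which of the July 2019 KBs from the tables above
# are present.  Assumes Windows PowerShell 5.1 or PowerShell 7 on Windows.

# KB numbers copied from the tables in this post, keyed by product line.  For Windows 10
# and Server 2016+ these are the cumulative updates; for older Windows the string lists
# the Security and Quality Rollup (parent, then per-framework packages) followed by the
# Security Only Update (parent, then per-framework packages).  A machine receives either
# the Rollup or the Security Only packages, not both.
$July2019Kbs = @{
    'Windows 10 1903'                       = 'KB4506991'
    'Windows 10 1809 / Server 2019'         = 'KB4507419 KB4506998 KB4506990'
    'Windows 10 1803'                       = 'KB4507435 KB4506989'
    'Windows 10 1709'                       = 'KB4507455 KB4506988'
    'Windows 10 1703'                       = 'KB4507450 KB4506987'
    'Windows 10 1607 / Server 2016'         = 'KB4507460 KB4506986'
    'Windows 10 1507'                       = 'KB4507458'
    'Windows 8.1 / RT 8.1 / Server 2012 R2' = 'KB4507422 KB4507005 KB4506999 KB4506996 KB4506993 KB4507413 KB4506977 KB4506964 KB4506962 KB4506955'
    'Windows Server 2012'                   = 'KB4507421 KB4507002 KB4507000 KB4506995 KB4506992 KB4507412 KB4506974 KB4506965 KB4506961 KB4506954'
    'Windows 7 SP1 / Server 2008 R2 SP1'    = 'KB4507420 KB4507004 KB4507001 KB4506997 KB4506994 KB4507411 KB4506976 KB4506966 KB4506963 KB4506956'
    'Windows Server 2008'                   = 'KB4507423 KB4507003 KB4507001 KB4506997 KB4507414 KB4506975 KB4506966 KB4506963'
}

function Get-NetFrameworkRelease {
    # Reads the Release DWORD written by .NET Framework 4.5+ setup.  The thresholds are
    # the minimum Release values Microsoft documents per version (4.5.2 and later,
    # matching the versions serviced by this rollup); they are not taken from this post.
    $key = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full'
    $release = (Get-ItemProperty -Path $key -Name Release -ErrorAction SilentlyContinue).Release
    if (-not $release) { return 'No .NET Framework 4.5 or later installed' }
    $version = switch ($release) {
        { $_ -ge 533320 } { '4.8.1'; break }
        { $_ -ge 528040 } { '4.8';   break }
        { $_ -ge 461808 } { '4.7.2'; break }
        { $_ -ge 461308 } { '4.7.1'; break }
        { $_ -ge 460798 } { '4.7';   break }
        { $_ -ge 394802 } { '4.6.2'; break }
        { $_ -ge 394254 } { '4.6.1'; break }
        { $_ -ge 393295 } { '4.6';   break }
        { $_ -ge 379893 } { '4.5.2'; break }
        default           { 'older than 4.5.2' }
    }
    return "Release $release => .NET Framework $version"
}

function Test-July2019NetUpdate {
    # One row per KB from the table entry for $Product, with whether Get-HotFix
    # (Win32_QuickFixEngineering) reports it as installed.
    param([Parameter(Mandatory)][string]$Product)
    if (-not $July2019Kbs.ContainsKey($Product)) {
        throw "Unknown product '$Product'. Known: $($July2019Kbs.Keys -join ', ')"
    }
    $expected  = $July2019Kbs[$Product] -split ' '
    $installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)
    foreach ($kb in $expected) {
        [pscustomobject]@{
            Product   = $Product
            KB        = $kb
            Installed = ($installed -contains $kb)
        }
    }
}

Get-NetFrameworkRelease
Test-July2019NetUpdate -Product 'Windows 7 SP1 / Server 2008 R2 SP1' | Format-Table -AutoSize
```

Two caveats when reading the output. Cumulative packages supersede earlier ones, so a machine that has since installed a later monthly rollup may not list the July package at all; an absent KB is only a finding if nothing newer is present either. And on the older Windows lines, Get-HotFix normally records the per-framework child package numbers rather than the parent bundle, so judge by the child KBs for the framework versions actually installed.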

Docker Images

We will be updating the following .NET Framework container images later today:

Note: You must re-pull base images in order to get updates; the Docker client does not pull an updated tag automatically. Images you have built on top of an older base image must also be rebuilt after the pull, since they keep the base layers they were built from.

Previous Monthly Rollups

The last few .NET Framework Monthly updates are listed below for your convenience:

Brett Lopez

Program Manager, .NET Framework


1 Comment
Eaton Zveare 2019-07-10 13:48:19
Do you guys still monitor dotnet issues? There never seems to be much engagement regarding possible reported bugs. https://github.com/microsoft/dotnet/issues/1015