Showing results for Security Update - .NET Blog

Final Update 2/19/19 @1:30 PM (PST): This advisory is now resolved with no action needed from Microsoft Customers. The issue was not applicable to any valid or supported configuration. There is no consequence for .NET 4.8 Preview customers. We strive to share timely information to protect our customer’s productivity, in this case, our finding w...

Today, we are releasing the .NET Core September 2018 Update. This update includes .NET Core 2.1.4 and .NET Core SDK 2.1.402 and contains important reliability fixes. Security CVE-2018-8409: .NET Core Denial Of Service Vulnerability A denial of service vulnerability exists in .NET Core 2.1 when System.IO.Pipelines improperly handles requests. An a...

Today, we are releasing a new set of reliability and quality updates for .NET Core 1.0. This month's update is our second Long Term Support (LTS) update and includes updated versions of multiple packages in .NET Core, ASP.NET Core and Entity Framework Core. We recommend everyone on the 1.0.* LTS track move to this update immediately. How to Obtain ...

The .NET team released two security bulletins today as part of the monthly "Update Tuesday" cycle. Microsoft Security Bulletin MS15-080 - Critical, Vulnerability in .NET Framework Could Allow Remote Code Execution (3078662) This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabiliti...

The .NET team released two security bulletins today as part of the monthly "Update Tuesday" cycle. Microsoft Security Bulletin MS15-044 - Critical, Vulnerability in .NET Framework Could Allow Remote Code Execution (3057110) This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabiliti...

The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle. Microsoft Security Bulletin MS15-041 - Important, Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)  This update resolves a vulnerability in the Microsoft .NET Framework that could allow information disclosure...

The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle. Microsoft Security Bulletin MS14-072 - Important, Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)  This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerabil...

The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle. Microsoft Security Bulletin MS14-072 - Important, Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)  This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerabil...

The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle. Microsoft Security Bulletin MS14-057 - Critical, Vulnerabilities in the .NET Framework could allow remote code execution (3000414)  This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework. The ...

The .NET team released a security bulletin and a security advisory today as part of the monthly “patch Tuesday” cycle.   Microsoft Security Bulletin MS14-053 - Important, Vulnerabilities in .NET Framework Could Allow Denial of Service (2990931)  This security update resolves one privately reported vulnerability in Microsoft...