This site uses cookies for analytics, personalized content and ads. By continuing to browse this site, you agree to this use. Learn More
Free. Cross-platform. Open source. A developer platform for building all your apps.
February 15, 2019Feb 15, 201902/15/19Final Update 2/19/19 @1:30 PM (PST): This advisory is now resolved with no action needed from Microsoft Customers. The issue was not applicable to any valid or supported configuration. There is no consequence for .NET 4.8 Preview customers.
We strive to share timely information to protect our customer’s productivity,
September 11, 2018Sep 11, 201809/11/18Today, we are releasing the .NET Core September 2018 Update. This update includes .NET Core 2.1.4 and .NET Core SDK 2.1.402 and contains important reliability fixes.
Security
CVE-2018-8409: .NET Core Denial Of Service Vulnerability
A denial of service vulnerability exists in .NET Core 2.1 when System.IO.Pipelines improperly handles requests.
December 13, 2016Dec 13, 201612/13/16Today, we are releasing a new set of reliability and quality updates for .NET Core 1.0. This month’s update is our second Long Term Support (LTS) update and includes updated versions of multiple packages in .NET Core, ASP.NET Core and Entity Framework Core.
August 11, 2015Aug 11, 201508/11/15The .NET team released two security bulletins today as part of the monthly “Update Tuesday” cycle.
Microsoft Security Bulletin MS15-080 – Critical, Vulnerability in .NET Framework Could Allow Remote Code Execution (3078662)
This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded TrueType or OpenType fonts.
May 12, 2015May 12, 201505/12/15The .NET team released two security bulletins today as part of the monthly “Update Tuesday” cycle.
Microsoft Security Bulletin MS15-044 – Critical, Vulnerability in .NET Framework Could Allow Remote Code Execution (3057110)
This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded TrueType fonts.
April 14, 2015Apr 14, 201504/14/15The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle.
Microsoft Security Bulletin MS15-041 – Important, Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)
This update resolves a vulnerability in the Microsoft .NET Framework that could allow information disclosure if an attacker sends a specially crafted web request to an affected server that has custom error messages disabled.
April 14, 2015Apr 14, 201504/14/15The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle.
Microsoft Security Bulletin MS15-041 – Important, Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)
This update resolves a vulnerability in the Microsoft .NET Framework that could allow information disclosure if an attacker sends a specially crafted web request to an affected server that has custom error messages disabled.
April 14, 2015Apr 14, 201504/14/15The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle.
Microsoft Security Bulletin MS15-041 – Important, Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)
This update resolves a vulnerability in the Microsoft .NET Framework that could allow information disclosure if an attacker sends a specially crafted web request to an affected server that has custom error messages disabled.
November 11, 2014Nov 11, 201411/11/14The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle.
Microsoft Security Bulletin MS14-072 – Important, Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
This security update resolves a privately reported vulnerability in Microsoft .NET Framework.
November 11, 2014Nov 11, 201411/11/14The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle.
Microsoft Security Bulletin MS14-072 – Important, Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
This security update resolves a privately reported vulnerability in Microsoft .NET Framework.
