logo
 
  1. IT-Security >
  2. Programmierung >
  3. .NET Framework May 2019 Security and Quality Rollup


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

.NET Framework May 2019 Security and Quality Rollup

Programmierung vom | Direktlink: devblogs.microsoft.com Nachrichten Bewertung

Today, we are releasing the May 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update.

Security

CVE-2019-0820 – Denial of Service Vulnerability

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET Framework (or .NET core) application. The update addresses the vulnerability by correcting how .NET Framework and .NET Core applications handle RegEx string processing.

CVE-2019-0820

CVE-2019-0980 – Denial of Service Vulnerability

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Framework or .NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET Framework or .NET Core application. The update addresses the vulnerability by correcting how .NET Framework or .NET Core web applications handles web requests.

CVE-2019-0980

CVE-2019-0981 – Denial of Service Vulnerability

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Framework or .NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET Framework or .NET Core application. The update addresses the vulnerability by correcting how .NET Framework or .NET Core web applications handles web requests.

CVE-2019-0981

CVE-2019-0864 – Denial of Service Vulnerability

A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how .NET Framework handle objects in heap memory.

CVE-2019-0864

Getting the Update

The Cumulative Update and Security and Quality Rollup are available via Windows Update, Windows Server Update Services, Microsoft Update Catalog, and Docker.  The Security Only Update is available via Windows Server Update Services and Microsoft Update Catalog.

Microsoft Update Catalog

You can get the update via the Microsoft Update Catalog. For Windows 10, NET Framework 4.8 updates are available via Windows Update, Windows Server Update Services, Microsoft Update Catalog.  Updates for other versions of .NET Framework are part of the Windows 10 Monthly Cumulative Update.

The following table is for Windows 10 and Windows Server 2016+ versions.

Product Version Cumulative Update
Windows 10 1903 (May 2019 Update)
4502507
.NET Framework 3.5, 4.8 Catalog
4495620
Windows 10 1809 (October 2018 Update)
Windows Server 2019

4466961
.NET Framework 3.5, 4.7.2 Catalog
4495590
.NET Framework 3.5, 4.8 Catalog
4495618
Windows 10 1803 (April 2018 Update)
4498144
.NET Framework 3.5, 4.7.2 Catalog
4499167
.NET Framework 4.8 Catalog
4495616
Windows 10 1709 (Fall Creators Update)
4498143
.NET Framework 3.5, 4.7.1, 4.7.2 Catalog
4499179
.NET Framework 4.8 Catalog
4495613
Windows 10 1703 (Creators Update)
4498142
.NET Framework 3.5, 4.7, 4.7.1, 4.7.2 Catalog
4499181
.NET Framework 4.8 Catalog
4495611
Windows 10 1607 (Anniversary Update)
Windows Server 2016

4498141
.NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog
4494440
.NET Framework 4.8 Catalog
4495610
Windows 10 1507
4499154
.NET Framework 3.5, 4.6, 4.6.1, 4.6.2 Catalog
4499154

 

The following table is for earlier Windows and Windows Server versions.

Product Version Security and Quality Rollup Security Only Update
Windows 8.1
Windows RT 8.1
Windows Server 2012 R2

Catalog
4499408

Catalog
4498963
.NET Framework 3.5 Catalog
4495608

Catalog
4495615
.NET Framework 4.5.2 Catalog
4495592

Catalog
4495589
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog
4495585

Catalog
4495586
.NET Framework 4.8 Catalog
4495624

Catalog
4495625
Windows Server 2012 Catalog
4499407
Catalog
4498962
.NET Framework 3.5 Catalog
4480061

Catalog
4495607
.NET Framework 4.5.2 Catalog
4495594

Catalog
4495591
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog
4495582

Catalog
4495584
.NET Framework 4.8 Catalog
4495622

Catalog
4495623
Windows 7 SP1
Windows Server 2008 R2 SP1

Catalog
4499406

Catalog
4498961
.NET Framework 3.5.1 Catalog
4495606

Catalog
4495612
.NET Framework 4.5.2 Catalog
4495596

Catalog
4495593
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog
4495588

Catalog
4495587
.NET Framework 4.8 Catalog
4495627

Catalog
4495627
Windows Server 2008
Catalog
4499409

Catalog
4498964
.NET Framework 2.0, 3.0 Catalog
4495604

Catalog
4495609
.NET Framework 4.5.2 Catalog
4495596

Catalog
4495593
.NET Framework 4.6 Catalog
4495588

Catalog
4495587

Docker Images

We are updating the following .NET Framework Docker images for today’s release:

Note: Look at the “Tags” view in each repository to see the updated Docker image tags.

Note: Significant changes have been made with Docker images recently. Please look at .NET Docker Announcements for more information.

Previous Monthly Rollups

The last few .NET Framework Monthly updates are listed below for your convenience:

The post .NET Framework May 2019 Security and Quality Rollup appeared first on .NET Blog.

...

Externe Webseite mit kompletten Inhalt öffnen

Kommentiere zu .NET Framework May 2019 Security and Quality Rollup






➤ Ähnliche Beiträge

  • 1.

    Announcing .NET Core 3.0

    vom 627.37 Punkte ic_school_black_18dp
    Announcing .NET Core 3.0 We’re excited to announce the release of .NET Core 3.0. It includes many improvements, including adding Windows Forms and WPF, adding new JSON APIs, support for ARM64 and improving performance across the board. C# 8 is als
  • 2.

    .NET Framework May 2019 Security and Quality Rollup

    vom 591.71 Punkte ic_school_black_18dp
    Today, we are releasing the May 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update. Security CVE-2019-0820 – Denial of Service Vulnerability A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully explo
  • 3.

    .NET Framework October 2019 Security and Quality Rollup

    vom 518.51 Punkte ic_school_black_18dp
    Today, we are releasing the October 2019 Security and Quality Rollup and Cumulative Updates for .NET Framework. Security No new security fixes. See September 2019 Security and Quality Rollup for the latest security updates. Quality and Reliability This release contains the followin
  • 4.

    .NET Framework July 2019 Security and Quality Rollup

    vom 514.37 Punkte ic_school_black_18dp
    Today, we are releasing the July 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update for .NET Framework. Security CVE-2019-1006 – WCF/WIF SAML Token Authentication Bypass Vulnerability An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation
  • 5.

    Lockdoor Framework - A Penetration Testing Framework With Cyber Security Resources

    vom 505.56 Punkte ic_school_black_18dp
    Lockdoor Framework : A Penetration Testing Framework With Cyber Security Resources.09/2019 : 1.0Beta Information Gathring Tools (21) Web Hacking Tools(15) Reverse Engineering Tools (15) Exploitation Tools (6) Pentesting & Security Assessment Findings Report Temp
  • 6.

    .NET Framework September 2019 Security and Quality Rollup

    vom 502.76 Punkte ic_school_black_18dp
    Today, we are releasing the September 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update for .NET Framework. Security CVE-2019-1142– .NET Framework Elevation of Privilege Vulnerability An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in ar
  • 7.

    .NET Framework June 2019 Preview of Quality Rollup

    vom 484.3 Punkte ic_school_black_18dp
    Today, we are releasing the June 2019 Preview of Quality Rollup. Quality and Reliability This release contains the following quality and reliability improvements. WPF1 Addresses an issue in which applications that target .NET Framework 4.7 and later,
  • 8.

    .NET Framework December 2018 Security and Quality Rollup

    vom 470.26 Punkte ic_school_black_18dp
    Today, we are releasing the December 2018 Security and Quality Rollup. Security CVE-2018-8540 – Windows Remote Code Execution Vulnerability This security update resolves a vulnerability in Microsoft .NET Framework that could allow remote code execution when Microsoft .NET Framework doesn
  • 9.

    Announcing .NET Core 3 Preview 1 and Open Sourcing Windows Desktop Frameworks

    vom 468.66 Punkte ic_school_black_18dp
    Today, we are announcing .NET Core 3 Preview 1. It is the first public release of .NET Core 3. We have some exciting new features to share and would love your feedback. You can develop .NET Core 3 applications with Visual Studio 2019 Preview 1, Visual St
  • 10.

    .NET Framework August 2019 Preview of Quality Rollup

    vom 451.13 Punkte ic_school_black_18dp
    Today, we are releasing the August 2019 Preview of Quality Rollup. Quality and Reliability This release contains the following quality and reliability improvements. BCL1 Addresses a crash that occurs after enumerating event logs. [910822] 1 Base Clas
  • 11.

    .NET Framework October 2019 Preview of Quality Rollup

    vom 442.46 Punkte ic_school_black_18dp
    Today, we are releasing the October 2019 Preview of Quality Rollup and Cumulative Updates for .NET Framework. Quality and Reliability This release contains the following quality and reliability improvements. ASP.NET Addresses an issue with ValidationContext.MemberName when usin
  • 12.

    Track the progress of work using Rollup columns

    vom 435.38 Punkte ic_school_black_18dp
    How is our Feature progressing? As simple and common as this question is, it’s a hard one to answer. Especially if your Feature is complex and is composed of multiple User Stories and Tasks. With Sprint 157 Update you will be able to answer this u