Lucene search

K
mskbMicrosoftKB4499405
HistoryMay 14, 2019 - 7:00 a.m.

May 14, 2019—KB4499405 Cumulative Update for .NET Framework 3.5, 4.7.2, and 4.8 for Windows 10, version 1809 and Windows Server 2019

2019-05-1407:00:00
Microsoft
support.microsoft.com
59
denial of service
.net framework
windows security
cve-2019-0820
cve-2019-0980
cve-2019-0981
cve-2019-0864

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

59.8%

May 14, 2019—KB4499405 Cumulative Update for .NET Framework 3.5, 4.7.2, and 4.8 for Windows 10, version 1809 and Windows Server 2019

Release Date:
05/14/2019
Version:
.NET Framework 3.5 and 4.7.2
.NET Framework 3.5 and 4.8

Summary

Denial of service vulnerabilities exist when .NET Framework improperly handles objects in heap memory, or when .NET Framework and .NET Core improperly process RegEx strings.

To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE).

  • CVE-2019-0820
  • CVE-2019-0980
  • CVE-2019-0981
  • CVE-2019-0864

Additional information about this update

The following articles contain additional information about this update as it relates to individual product versions.

  • 4495590 Description of the Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019 (KB4495590)
  • 4495618 Description of the Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1809 and Windows Server 2019 (KB4495618)

Information about protection and security

  • Protect yourself online: Windows Security support
  • Learn how we guard against cyber threats: Microsoft Security

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

59.8%