Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5034276
HistoryMar 22, 2024 - 7:00 a.m.

January 9, 2024-KB5034276 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11, version 21H2

2024-03-2207:00:00
Microsoft
support.microsoft.com
31
security update
windows 11
version 21h2
denial of service vulnerability
security feature bypass
elevation of privilege
remote code execution
http.net remoting

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.1%

JSON

January 9, 2024-KB5034276 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11, version 21H2

Release Date:
January 9, 2024 Version: ** .NET Framework 3.5, 4.8 and 4.8.1**

Summary

This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 11, version 21H2. Security Improvements CVE-2023-36042 – .NET Framework Denial of Service Vulnerability
This security update addresses a security feature bypass vulnerability detailed in CVE-2023-36042. CVE-2024-0056 – .NET Framework Security Feature Bypass Vulnerability
This security update addresses a security feature bypass vulnerability detailed in CVE-2024-0056 . CVE-2024-0057 – .NET Framework Security Feature Vulnerability
This security update addresses a elevation of privilege vulnerability detailed in CVE-2024-0057. CVE-2024-21312 – .NET Framework Denial of Service Vulnerability
This security update addresses a denial of service vulnerability detailed in CVE-2024-21312 . .NET Framework Remote Code Execution Vulnerability
This security update addresses a remote code execution vulnerability to HTTP .NET remoting server channel chain. Quality and Reliability ImprovementsFor a list of improvements that were released with this update, please see the article links in the Additional Information section of this article.

Known issues in this update

Microsoft is not currently aware of any issues in this update.

Additional information about this update

The following articles contain additional information about this update as it relates to individual product versions.

  • 5033912 Description of the Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5033912)
  • 5033919 Description of the Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5033919)

How to get this update

Release Channel Available Next Step
Windows Update and Microsoft Update Yes None. This update will be downloaded and installed automatically from Windows Update.
Windows Update for Business Yes None. This update will be downloaded and installed automatically from Windows Update.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes This operating system update will offer, as applicable, and individual .NET Framework product updates will be installed. For more information about individual .NET Framework product updates see additional information about this update section. This update will automatically sync with WSUS if you configure as follows: Product: Windows 11, version 21H2Classification: Security Updates

How to obtain help and support for this update

Related

mskb 20
nessus 37
openvas 10
almalinux 6
kaspersky 4
rocky 3
osv 16
redhat 7
oraclelinux 6
cve 5
redhatcve 4
cvelist 5
mscve 5
nvd 5
nuclei 1
prion 4
ubuntucve 2
cgr 1
redos 1
veracode 2
wolfi 1
alpinelinux 2
github 2
ibm 1
ubuntu 1
photon 3
thn 1
rapid7blog 2
mskb
mskb
January 9, 2024-KB5033920 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2
2024-03-22 07:00:00
January 9, 2024-KB5034272 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Azure Stack HCI, version 22H2
2024-03-22 07:00:00
January 9, 2024-KB5034274 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2
2024-03-22 07:00:00
nessus
nessus
Security Updates for Microsoft .NET Framework (January 2024)
2024-01-10 00:00:00
AlmaLinux 9 : .NET 6.0 (ALSA-2024:0156)
2024-01-12 00:00:00
Oracle Linux 8 : .NET / 7.0 (ELSA-2024-0157)
2024-01-18 00:00:00
openvas
openvas
Microsoft .NET Framework Multiple Vulnerabilities (KB5034276)
2024-01-10 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (KB5033920)
2024-01-10 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (KB5034273)
2024-01-10 00:00:00
almalinux
almalinux
Important: .NET 7.0 security update
2024-01-10 00:00:00
Important: .NET 7.0 security update
2024-01-10 00:00:00
Important: .NET 8.0 security update
2024-01-10 00:00:00
kaspersky
kaspersky
KLA62822 Multiple vulnerabilities in Microsoft Developer Tools
2024-01-09 00:00:00
KLA65276 OSI vulnerability in Microsoft Developer Tools
2024-03-22 00:00:00
KLA62825 SB vulnerability in Microsoft SQL Server
2024-01-09 00:00:00
rocky
rocky
.NET 6.0 security update
2024-01-12 19:57:42
.NET 8.0 security update
2024-01-12 19:57:42
.NET 7.0 security update
2024-01-12 19:57:42
osv
osv
Important: .NET 8.0 security update
2024-01-10 00:00:00
Important: .NET 6.0 security update
2024-01-12 19:57:42
Important: .NET 6.0 security update
2024-01-10 00:00:00
redhat
redhat
(RHSA-2024:0150) Important: .NET 8.0 security update
2024-01-10 15:15:53
(RHSA-2024:0152) Important: .NET 8.0 security update
2024-01-10 15:18:52
(RHSA-2024:0255) Important: .NET 6.0 security, bug fix, and enhancement update
2024-01-15 15:30:34
oraclelinux
oraclelinux
.NET 7.0 security update
2024-01-17 00:00:00
.NET 6.0 security update
2024-01-16 00:00:00
.NET 8.0 security update
2024-01-17 00:00:00
cve
cve
CVE-2024-21312
2024-01-09 18:15:55
CVE-2024-29059
2024-03-23 00:15:09
CVE-2023-36042
2023-11-14 18:15:34
redhatcve
redhatcve
CVE-2024-21312
2024-01-10 15:06:42
CVE-2024-29059
2024-03-25 12:35:53
CVE-2024-0057
2024-01-10 04:00:43
cvelist
cvelist
CVE-2024-21312 .NET Framework Denial of Service Vulnerability
2024-01-09 17:57:10
CVE-2024-29059 .NET Framework Information Disclosure Vulnerability
2024-03-22 23:09:05
CVE-2023-36042 Visual Studio Denial of Service Vulnerability
2023-11-14 17:57:31
mscve
mscve
.NET Framework Denial of Service Vulnerability
2024-01-09 08:00:00
.NET Framework Information Disclosure Vulnerability
2024-03-22 07:00:00
Visual Studio Denial of Service Vulnerability
2023-11-14 08:00:00
nvd
nvd
CVE-2024-21312
2024-01-09 18:15:55
CVE-2024-29059
2024-03-23 00:15:09
CVE-2023-36042
2023-11-14 18:15:34
nuclei
nuclei
.NET Framework - Leaking ObjRefs via HTTP .NET Remoting
2024-03-28 13:17:52
prion
prion
Denial of service
2024-01-09 18:15:00
Denial of service
2023-11-14 18:15:00
Security feature bypass
2024-01-09 18:15:00
ubuntucve
ubuntucve
CVE-2024-0057
2024-01-09 00:00:00
CVE-2024-0056
2024-01-09 00:00:00
cgr
cgr
CVE-2024-0057 vulnerabilities
2024-05-19 03:07:16
redos
redos
ROS-20240418-02
2024-04-18 00:00:00
veracode
veracode
Protection Mechanism Failure
2024-01-30 18:59:03
Credential Exposure
2024-01-26 15:02:36
wolfi
wolfi
CVE-2024-0057 vulnerabilities
2024-06-25 03:08:26
alpinelinux
alpinelinux
CVE-2024-0057
2024-01-09 18:15:46
CVE-2024-0056
2024-01-09 18:15:46
github
github
NuGet Client Security Feature Bypass Vulnerability
2024-02-13 21:18:10
Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature Bypass
2024-01-09 18:30:27
ibm
ibm
Security Bulletin: A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation and may result in a bypass of security restrictions (CVE-2024-0056)
2024-06-05 20:26:43
ubuntu
ubuntu
.NET vulnerabilities
2024-01-11 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2024-3.0-0717
2024-01-25 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0195
2024-01-25 00:00:00
Critical Photon OS Security Update - PHSA-2024-4.0-0556
2024-01-25 00:00:00
thn
thn
Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities
2024-01-10 05:26:00
rapid7blog
rapid7blog
Patch Tuesday - January 2024
2024-01-09 21:23:10
Patch Tuesday - November 2023
2023-11-14 21:27:09

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.1%

JSON
Related for KB5034276
mskb20nessus37openvas10almalinux6kaspersky4rocky3osv16redhat7oraclelinux6cve5redhatcve4cvelist5mscve5nvd5nuclei1prion4ubuntucve2cgr1redos1veracode2wolfi1alpinelinux2github2ibm1ubuntu1photon3thn1rapid7blog2