ROS-20240919-01

Vulnerability of Microsoft.NET Framework and .NET software platform of Windows operating systems is related to incorrect definition of symbolic links before accessing a file. Exploitation of the vulnerability could allow an attacker to escalate privileges...

Security Update for Microsoft .NET Core (January 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024Jan09 advisory. - NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability CVE-2024-0057 - .NET Denial of...

AppDomain Manager Injection: New Techniques For Red Teams

AppDomain Manager Injection is a very versatile and useful technique for red team operators. This technique allows you to effectively turn any Microsoft.NET application on a Windows host into a lolbin Living Off the Land Binary by forcing the application to load a specially crafted .NET assembly,...

Remote Code Execution

Microsoft .NET is vulnerable to Remote Code Execution. The vulnerability exists because DLL's can be loaded from an unexpected location which allows an attacker to inject and execute malicious code into the system, resulting in DLL Hijacking...

Security Bulletin: A denial of service in Microsoft .NET may affect IBM Robotic Process Automation for Cloud Pak (CVE-2023-21538)

Summary There is a vulnerability in .NET used by IBM Robotic Process Automation as part of it's infrastructure, which may result in a denial of service CVE-2023-21538. This bulletin identifies the security fixes to apply to address this vulnerability. Vulnerability Details CVEID:CVE-2023-21538...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when creating HTTPS web requests while building X509 certificate chains. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

February 8, 2022—KB5010359 (OS Build 14393.4946) - EXPIRED

February 8, 2022—KB5010359 OS Build 14393.4946 - EXPIRED EXPIRATION NOTICE As of 9/12/2023, KB5010359 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. --- 11/19/20...

Microsoft .NET Framework Remote Code Execution Vulnerability

Microsoft .NET Framework contains a remote code execution vulnerability when processing untrusted input that could allow an attacker to take control of an affected system...

List of Security Fixes and Improvements in Veeam Backup & Replication

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Backup & Replication. The goal of this article is to provide our customers' security and compliance teams with detailed information on security improvements between releases, i...

Security Updates for Microsoft .NET Framework (May 2019)

The Microsoft .NET Framework installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory. An attacker who successfully exploited this...

Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 (KB 4471983)

Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 KB 4471983 Applies to: Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6.1, Microsoft .NET...

Microsoft .NET Framework Security Feature Bypass And DoS Vulnerabilities (KB4096418)

This host is missing an important security update according to Microsoft KB4096418 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040981)

This host is missing an important security update according to Microsoft KB4040981 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB 4040974)

Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 KB 4040974 Notice This update is included in the Security and Quality Rollup that's dated November 14, 2017. This update was previously released as part of the Preview of Quality Rollu...

Microsoft .NET Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Hi @ll, all versions of .NET Framework support to load a COM object as code profiler, enabled via two or three environment variables. From | A profiler DLL is an unmanaged DLL that runs as part of the | common language runtime execution...

Security and Quality Rollup for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 updates for Windows 8.1 and Windows Server 2012 R2: April 11, 2017

Security and Quality Rollup for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 updates for Windows 8.1 and Windows Server 2012 R2: April 11, 2017 Note Known issues in this security update After you apply this security update, the PowerShell v3.0+ stop-computer command fails. You get a...

MS13-052: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: July 9, 2013

MS13-052: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: July 9, 2013 View products that this article applies to. August 13, 2013 This security update has been re-released and contains updated...

MS16-065: Description of the security update for the .NET Framework 4.6.1 in Windows 7 SP1 and Windows Server 2008 R2 SP1 and the .NET Framework 4.6 in Windows Vista SP2 and Windows Server 2008 SP2: May 10, 2016

MS16-065: Description of the security update for the .NET Framework 4.6.1 in Windows 7 SP1 and Windows Server 2008 R2 SP1 and the .NET Framework 4.6 in Windows Vista SP2 and Windows Server 2008 SP2: May 10, 2016 View products that this article applies to. Summary This security update resolves a...

Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 8 and Windows Server 2012 for x64 (KB3098780)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

CVE-2015-2526

Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability."...