Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
  Technical Updates @ TACKtech Corp.  

12.10.2014 - MS14-057 - Critical: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414) - Version: 1.1

View Microsoft related news. Severity Rating: Critical
Revision Note: V1.1 (December 10, 2014): Bulletin revised to correct update replacement entries for Microsoft .NET Framework 4.5/4.5.1/4.5.2 (update 2972107)
Summary: This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application, causing ASP.NET to generate incorrectly constructed URIs. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled.

- View Microsoft Security Bulletin MS14-057
- View Microsoft Knowledge Base Article - on: 1.
- Visit Microsoft Corporation

NID: 51977 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS16-128 - Critical: Security Update for Adobe Flash Player (3201860) - Version: 1.0
MS16-110 - Important: Security Update for Microsoft Windows (3178467) - Version: 1.1
MS16-121 - Critical: Security Update for Microsoft Office (3194063) - Version: 1.1
MS16-127 - Critical: Security Update for Adobe Flash Player (3194343) - Version: 1.0
MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 1.1
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates