The latest .NET Framework updates fix a severe remote code execution vulnerability

2 minute read

Home » News » The latest .NET Framework updates fix a severe remote code execution vulnerability

Microsoft released a series of important .NET Framework updates on Patch Tuesday. These updates fix severe vulnerabilities that could even allow remote code execution.

More specifically, sometimes the .NET Framework fails to properly validate input before loading libraries. As a result, attackers who successfully exploit this vulnerability could take control of the affected systems.

They could then install malicious programs, view, change, or delete data, create new accounts with full user rights, and more.

.NET Framework updates

Here are this month’s .NET Framework updates :

  • .NET Framework 3.5 and 4.7 KB4015583 for Windows 10 Creators Update
  • .NET Framework 3.5 and 4.6.2 KB4015217 for Windows 10 Anniversary Update and Windows Server 2016
  • .NET Framework 3.5 and 4.6.1 KB4015219 for Windows 10 1511 Update
  • .NET Framework 3.5 and 4.6 KB4015221 for Windows 10 RTM
  • .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 Rollup KB4014983 and security only KB4014987 for Windows 8.1 and Windows Server 2012 R2
  • .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 Rollup KB4014982 and security only KB4014986 for Windows Server 2012
  • .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 Rollup KB4014981 and security only KB4014985 for Windows 7 and Windows Server 2008 R2
  • .NET Framework 3.5, 4.5.2, and 4.6 Rollup KB4014984 and security only KB4014988 for Windows Vista SP2 and Windows Server 2008 SP2

Keep in mind that there is a known issue related to these updates. Applications that connect to an instance of Microsoft SQL Server on the same computer generate the following error message: “provider: Shared Memory Provider, error: 15 – Function not supported“. The good news is that there are three workarounds available to fix this issue:

  1. Disable the Shared Memory and Named Pipes protocols on the server side to force TCP-only connections to SQL Server.
  2. Create an alias on the server to force TCP protocol for local applications
  3. Disable shared memory from the Client Configuration tool (32-bit and 64-bit).

For more information, check out Microsoft’s Support page.

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

Windows 10 Build 18965 comes with lots of unresolved issues

Vlad Turiceanu By: Vlad Turiceanu
3 minute read

Microsoft released a new Windows 10 Insider Preview build in the Fast Ring. Windows 10 Build 18965 brings a long list of fixes and improvements, […]

Continue Reading

FIX: Power BI won’t connect to SharePoint list

Matthew Adams By: Matthew Adams
2 minute read

Power BI Desktop is software with which users set up charts and interactive visualizations for connected data sources. SharePoint lists are data sources users can […]

Continue Reading

New WebTS extension lets you create web applications easier

Vlad Turiceanu By: Vlad Turiceanu
Less than a 1 minute read

Microsoft just announced a new extension for Visual Studio Code. Web Template Studio simplifies web app creation Microsoft Web Template Studio is a cross-platform extension […]

Continue Reading