The latest .NET Framework updates fix a severe remote code execution vulnerability

Madeleine Dean By: Madeleine Dean
2 minute read

Home » News » The latest .NET Framework updates fix a severe remote code execution vulnerability

Microsoft released a series of important .NET Framework updates on Patch Tuesday. These updates fix severe vulnerabilities that could even allow remote code execution.

More specifically, sometimes the .NET Framework fails to properly validate input before loading libraries. As a result, attackers who successfully exploit this vulnerability could take control of the affected systems.

They could then install malicious programs, view, change, or delete data, create new accounts with full user rights, and more.

.NET Framework updates

Here are this month’s .NET Framework updates :

  • .NET Framework 3.5 and 4.7 KB4015583 for Windows 10 Creators Update
  • .NET Framework 3.5 and 4.6.2 KB4015217 for Windows 10 Anniversary Update and Windows Server 2016
  • .NET Framework 3.5 and 4.6.1 KB4015219 for Windows 10 1511 Update
  • .NET Framework 3.5 and 4.6 KB4015221 for Windows 10 RTM
  • .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 Rollup KB4014983 and security only KB4014987 for Windows 8.1 and Windows Server 2012 R2
  • .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 Rollup KB4014982 and security only KB4014986 for Windows Server 2012
  • .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 Rollup KB4014981 and security only KB4014985 for Windows 7 and Windows Server 2008 R2
  • .NET Framework 3.5, 4.5.2, and 4.6 Rollup KB4014984 and security only KB4014988 for Windows Vista SP2 and Windows Server 2008 SP2

Keep in mind that there is a known issue related to these updates. Applications that connect to an instance of Microsoft SQL Server on the same computer generate the following error message: “provider: Shared Memory Provider, error: 15 – Function not supported“. The good news is that there are three workarounds available to fix this issue:

  1. Disable the Shared Memory and Named Pipes protocols on the server side to force TCP-only connections to SQL Server.
  2. Create an alias on the server to force TCP protocol for local applications
  3. Disable shared memory from the Client Configuration tool (32-bit and 64-bit).

For more information, check out Microsoft’s Support page.

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

Top 5 software to recover Microsoft Excel passwords

Tashreef Shareef avatar. By: Tashreef Shareef
Less than a 1 minute read

From billing and data management to keeping track of inventory, finance and business tasks, Microsoft Excel is one handy program. The fact that Excel application is […]

Continue Reading

How to fix League of Legends patch issues on PC

Ivan Jenic By: Ivan Jenic
5 minute read

10 solutions to fix LoL patch issues Change screen refresh rate Reset Winsock Run the game as Admin Force Re-Patch Repair game files Disable UAC […]

Continue Reading

IE vulnerability allowing attackers to spot files on your disk got fixed

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

A recent security update by Microsoft addressed an Internet Explorer‘s vulnerability that was initially discovered by Google’s Threat Analysis Group. Microsoft described the vulnerability as “An information […]

Continue Reading