KLA11248
Multiple vulnerabilities in Microsoft Development Tools
Updated: 09/10/2018
CVSS
?
7.6
Detect date
?
05/08/2018
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Development Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions or cause denial of service.

Below is a complete list of vulnerabilities:

  1. An improper web request handling in ASP.NET Core can be exploited remotely via specially crafted requests to .NET Core application to cause denial of service;
  2. A security feature bypass vulnerability in .Net Framework can be exploited remotely via local access to machine for malicious program running to bypass security restrictions.
Affected products

Microsoft .NET Framework 4.7.2
.NET Core 2.0
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.6.1
Microsoft .NET Framework 4.6.2
Microsoft .NET Framework 4.7
Microsoft .NET Framework 4.7.1

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2018-0943
CVE-2018-0945
CVE-2018-0946
CVE-2018-0954
CVE-2018-1022
CVE-2018-8130
CVE-2018-8178
CVE-2018-8128
CVE-2018-8133
CVE-2018-8139
CVE-2018-8145
CVE-2018-8137
CVE-2018-0765
CVE-2018-1039
CVE-2018-8119
CVE-2018-8177

Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Related products
Microsoft .NET Framework
CVE-IDS
?

CVE-2018-0943
CVE-2018-0945
CVE-2018-0946
CVE-2018-0954
CVE-2018-1022
CVE-2018-8130
CVE-2018-8178
CVE-2018-8128
CVE-2018-8133
CVE-2018-8139
CVE-2018-8145
CVE-2018-8137
CVE-2018-0765
CVE-2018-1039
CVE-2018-8119
CVE-2018-8177

Microsoft official advisories
Microsoft Security Update Guide
KB list

4103723
4103716
4103731
4103721
4103727
4095873
4095513
4095872
4095512
4095875
4095515
4095874
4095514
4095876
4095517
4096495
4095519
4096494
4095518
4096236
4096237
4096235
4096416
4096417
4096418