KLA10925
Information Disclosure vulnerability in Microsoft .NET Framework 4.6.2
Обновлено: 17/06/2019
Дата обнаружения
13/12/2016
Уровень угрозы
Warning
Описание

Mishandling of a developer-supplied key was found in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. By exploiting this vulnerability malicious users can obtain sensitive cleartext information. This vulnerability can be exploited remotely via leveraging key guessability.

Пораженные продукты

Microsoft .NET Framework 4.6.2 

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
https://technet.microsoft.com/library/security/ms16-155
CVE-2016-7270
Оказываемое влияние
?
OSI 
[?]
Связанные продукты
Microsoft .NET Framework
CVE-IDS
CVE-2016-72705.0Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3206632
3205640
3204801
3204802
3204805