Endpoint Vulnerability

Microsoft: .NET Security Feature Bypass Vulnerability

Description

A security feature bypass vulnerability exists when Microsoft .NET Framework (and .NET Core) components do not completely validate certificates.

Affected Products

.NET Core 1.0,.NET Core 2.0,Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation),Microsoft .NET Framework 4.5.2 on Windows RT 8.1,Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7 on Windows RT 8.1,Microsoft .NET Framework 4.7.1 on Windows Server, version 1709 (Server Core Installation),PowerShell Core 6.0.0,Windows 10,Windows 7,Windows 8

References

CVE-2018-0786,