Microsoft .NET and .NET Core Denial Of Service Vulnerability

A Denial of Service vulnerability exists when .NET, and .NET core, improperly process XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET(or .NET core) application.

The update addresses the vulnerability by correcting how a .NET, and .NET core, applications handles XML document processing.

To exploit this vulnerability, the attacker must send a malicious request to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.

Microsoft addressed this vulnerability by correcting how the affected software processes XML documents.

Further details and effected versions visit – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0764

Workarounds

Microsoft has not identified any workarounds for this vulnerability.




Leave a Reply