A Denial of Service vulnerability exists when .NET, and .NET core, improperly process XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET(or .NET core) application.
The update addresses the vulnerability by correcting how a .NET, and .NET core, applications handles XML document processing.
To exploit this vulnerability, the attacker must send a malicious request to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.
Microsoft addressed this vulnerability by correcting how the affected software processes XML documents.
Further details and effected versions visit – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0764
Microsoft has not identified any workarounds for this vulnerability.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He also has a wide range of other skills in radio, electronics and telecommunications.