MS13-040 - Important : Vulnerabilities in .NET Framework Could Allow Spoofing (2836440) -...


Extraordinary Robot
News Feed
Severity Rating: Important
Revision Note: V1.1 (May 29, 2013): Added a Non-Applicable Software table to identify platforms on which the .NET Framework is not installable.
Summary: This security update resolves one privately reported vulnerability and one publicly disclosed vulnerability in the .NET Framework. The more severe of the vulnerabilities could allow spoofing if a .NET application receives a specially crafted XML file. An attacker who successfully exploited the vulnerabilities could modify the contents of an XML file without invalidating the file's signature and could gain access to endpoint functions as if they were an authenticated user.

Continue reading...

This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.