question

RisingFlight-7863 avatar image
0 Votes"
RisingFlight-7863 asked ·

NET Framework security updates

Hi Experts

i have below vulnerabilities detected on many servers. vulnerabilities vary from server to server. below is just an example of vulnerabilities detected on one server. how can i fix these. Is there a way I can download latest offline .net framework /core updates which will fix all the old .net framework/core vulnerabilities.

Microsoft .NET Framework And .NET Core Security Updates for July 2020
Microsoft .NET Core Security Update May 2020
Microsoft .NET Framework Denial of Service Vulnerability - February 2021

windows-serverwindows-server-infrastructuredotnet-runtimedotnet-standarddotnet-runtime-framework
· 1
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Microsoft .NET software can be had at this link.
https://dotnet.microsoft.com/download

MSRC has other updates,but remember,with each .NET update,the .NET can get disabled,check by running services.msc

If disabled,double click on the service,set to auto start,start service...

0 Votes 0 ·

1 Answer

cheong00 avatar image
0 Votes"
cheong00 answered ·

Please visit MSRC page to check whether fixes are available. You can check with either full/partial name of vulnerability or the CVE number emitted by checker. The link I provided goes to the third one.

Btw, the easiest way is to enable Windows Update and let them install patches for you. If you have concern on whether the update may crash your server, you should install it on staging server (the server that you do testing of new deployments, ought to be the same spec. as the production server) first to see if it works. You can control the rollout of specific patches to servers with WSUS.


·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.