Be very wary of this one. .NET Framework updates are always considered difficult – potentially causing applications to stop working – but Microsoft had a difficult time in July with this platform update, having to release a second July update to fix issues with the first one (sound familiar?).
This month, the first (and, let’s hope only) update is now available. It comes as part of CVE-2018-8360 – Windows Information Disclosure Vulnerability and to help solve the lingering July issue.
This update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.
To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!