ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB929916

Description of the security update for the .NET Framework 2.0 for Windows Vista: July 10, 2007

UpdatesDescription: A security issue has been identified that could allow an attacker to compromise your Windows-based system running the Microsoft .NET Framework and gain access to restricted data. You can help protect your computer by installing this update from Microsoft.

Update type: Important

Release date: July 10, 2007

Applies to: All versions

Knowledge base: http://support.microsoft.com/kb/929916

Download link: 32-bit | 64-bit

Comments: Though not specifically for the core of Vista, all Vista releases include IE7, so it is relevant. This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update addresses two vulnerabilities by modifying the way .NET Framework addresses buffer allocation. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. Details also available in security bulletin MS07-040.

KB929916

There is a download that resolves this issue. See Hotfixes for details. This issue is resolved in SP1.

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB929916.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts