MS16-035: Security Update for .NET Framework to Address Security Feature Bypass (3141780)
Critical Nessus Plugin ID 89757
SynopsisThe remote Windows host is affected by a security feature bypass vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability in the .NET Framework due to improper validation of certain elements in a signed XML document. An attacker can exploit this vulnerability to modify the contents of an XML file without invalidating the signature associated with the file.
SolutionMicrosoft has released a set of patches for .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5.1, 4.5.2, 4.6, and 4.6.1.