MS16-041: Security Update for .NET Framework (3148789)

High Nessus Plugin ID 90435


The remote Windows host has a software framework installed that is affected by a code execution vulnerability.


The version of Microsoft .NET Framework installed on the remote host is affected by a code execution vulnerability due to improper validation of input before loading libraries. A local attacker can exploit this, via a malicious application, to execute arbitrary code.


Microsoft has released a set of patches for .NET Framework 4.6 and 4.6.1.

See Also

Plugin Details

Severity: High

ID: 90435

File Name: smb_nt_ms16-041.nasl

Version: $Revision: 1.5 $

Type: local

Agent: windows

Published: 2016/04/12

Modified: 2017/07/12

Dependencies: 51351, 13855, 57033

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:microsoft:.net_framework

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/04/12

Vulnerability Publication Date: 2016/04/12

Reference Information

CVE: CVE-2016-0148

BID: 85937

OSVDB: 136967

MSFT: MS16-041

MSKB: 3143693

IAVB: 2016-B-0069