MS16-065: Security Update for .NET Framework (3156757)
Medium Nessus Plugin ID 91014
SynopsisThe remote Windows host is affected by an information disclosure vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by an information disclosure vulnerability in the .NET Framework encryption component. A man-in-the-middle attacker can exploit this vulnerability by injecting unencrypted data into the secure channel between a targeted client and a legitimate server, allowing the attacker to decrypt encrypted SSL/TLS traffic.
SolutionMicrosoft has released a set of patches for Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1.