Desmond File

Blog archive

.NET Framework Security

We all know the managed code mantra of the .NET Framework -- more robust, more functional, more secure.

Or is it? Yesterday Microsoft announced a critical security flaw in versions 1.0, 1.1 and 2.0 of the .NET Framework. In fact, the framework suffers from a trifecta of vulnerabilities that can allow remote attackers to gain control over the system.

And yes, in case you were wondering, a buffer overflow issue is involved.

The good news is that .NET Framework 3.0 is not affected by the vulnerability. But if you currently have machines running older versions of .NET, you should move to get them patched. You can find information about this vulnerability here.

Are you surprised that Microsoft has to patch the .NET Framework? Does a vulnerability like this provide incentive to move to the most recent version of the framework? Let me know at [email protected].

Posted by Michael Desmond on 07/11/2007 at 1:15 PM

comments powered by Disqus


  • .NET Core Ranks High Among Frameworks in New Dev Survey

    .NET Core placed high in a web-dominated ranking of development frameworks published by CodinGame, which provides a tech hiring platform.

  • Here's a One-Stop Shop for .NET 5 Improvements

    Culled from reams of Microsoft documentation, here's a high-level summary of what's new for performance, networking, diagnostics and more, along with links to the nitty-gritty details for those wanting to dig in more.

  • Azure SQL Database Ranked Among Top 3 Databases of 2020

    Microsoft touted the inclusion of Azure SQL Database among the top three databases of 2020 in a popularity ranking by DB-Engines, which collects and manages information about database management systems, updating its lists monthly.

  • Time Tracker Says VS Code Is No. 1 Editor for Devs, Some Working 15+ Hours Per Day

    WakaTime, which does time tracking for programmers, released data for 2020 showing that Visual Studio Code is by far the top editor/IDE used by its coders, some of whom are hacking away for more than 15 hours per day.

Upcoming Events