Security Updates for Microsoft .NET Framework (December 2022)

high Nessus Plugin ID 168745

Synopsis

The Microsoft .NET Framework installation on the remote host is missing a security update.

Description

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in the handling of XPS files.

Solution

Microsoft has released security updates for Microsoft .NET Framework.

See Also

https://support.microsoft.com/en-us/help/5020894

https://support.microsoft.com/en-us/help/5020895

https://support.microsoft.com/en-us/help/5020896

https://support.microsoft.com/en-us/help/5020897

https://support.microsoft.com/en-us/help/5020898

https://support.microsoft.com/en-us/help/5020899

https://support.microsoft.com/en-us/help/5020900

https://support.microsoft.com/en-us/help/5020901

https://support.microsoft.com/en-us/help/5020902

https://support.microsoft.com/en-us/help/5020903

http://www.nessus.org/u?0d29de7c

http://www.nessus.org/u?e40dadbd

https://support.microsoft.com/en-us/help/5020859

https://support.microsoft.com/en-us/help/5020860

https://support.microsoft.com/en-us/help/5020861

https://support.microsoft.com/en-us/help/5020862

https://support.microsoft.com/en-us/help/5020866

https://support.microsoft.com/en-us/help/5020867

https://support.microsoft.com/en-us/help/5020868

https://support.microsoft.com/en-us/help/5020869

https://support.microsoft.com/en-us/help/5020872

https://support.microsoft.com/en-us/help/5020873

https://support.microsoft.com/en-us/help/5020874

https://support.microsoft.com/en-us/help/5020875

https://support.microsoft.com/en-us/help/5020876

https://support.microsoft.com/en-us/help/5020877

https://support.microsoft.com/en-us/help/5020878

https://support.microsoft.com/en-us/help/5020879

https://support.microsoft.com/en-us/help/5020880

https://support.microsoft.com/en-us/help/5020881

https://support.microsoft.com/en-us/help/5020882

https://support.microsoft.com/en-us/help/5020883

Plugin Details

Severity: High

ID: 168745

File Name: smb_nt_ms22_dec_dotnet.nasl

Version: 1.10

Type: local

Agent: windows

Published: 12/15/2022

Updated: 11/20/2023

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-41089

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:.net_framework

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 12/13/2022

Vulnerability Publication Date: 12/13/2022

Reference Information

CVE: CVE-2022-41089

IAVA: 2022-A-0534-S

MSFT: MS22-5020859, MS22-5020860, MS22-5020861, MS22-5020862, MS22-5020866, MS22-5020867, MS22-5020868, MS22-5020869, MS22-5020872, MS22-5020873, MS22-5020874, MS22-5020875, MS22-5020876, MS22-5020877, MS22-5020878, MS22-5020879, MS22-5020880, MS22-5020881, MS22-5020882, MS22-5020883, MS22-5020894, MS22-5020895, MS22-5020896, MS22-5020897, MS22-5020898, MS22-5020899, MS22-5020900, MS22-5020901, MS22-5020902, MS22-5020903

MSKB: 5020859, 5020860, 5020861, 5020862, 5020866, 5020867, 5020868, 5020869, 5020872, 5020873, 5020874, 5020875, 5020876, 5020877, 5020878, 5020879, 5020880, 5020881, 5020882, 5020883, 5020894, 5020895, 5020896, 5020897, 5020898, 5020899, 5020900, 5020901, 5020902, 5020903