Description of the security update for the ASP.NET security feature bypass vulnerability: July 10, 2018


Summary


A security feature bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated.

To learn more about the vulnerability, go to CVE-2018-8171.

How to obtain the update


Method1: Microsoft Download Center

The following files are available for download from the Microsoft Download Center.



For ASP.NET Web Frameworks and Tools (aka WSR). This is for Visual Studio 2013 Update 5.

Download the package now.


For ASP.NET Web Tools (aka Web Forms). This is for Visual Studio 2013 Update 5.

Download the package now.


For ASP.NET Web Frameworks and Tools (aka WSR). This is for Visual Studio 2015 Update 3.

Download the package now.


ASP.NET Web Tools (aka Web Forms). This is for Visual Studio 2015 Update 3.

Download the package now.

Release Date: July 10, 2018

For more information about how to download Microsoft support files, click the following article number to go to the article in the Microsoft Knowledge Base:


 

More Information


File information