January 8, 2019—KB4480056 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019

Applies to: .NET Framework

Improvements and fixes


This security update resolves a vulnerability in Microsoft .NET Framework that may cause an information disclosure that allows bypassing Cross-origin Resource Sharing (CORS) configurations.

An attacker who successfully exploits the vulnerability could retrieve from a web application content that's normally restricted.

This security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass.

To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0545.

Known issues in this update


Microsoft is not currently aware of any issues in this update.

How to get this update


Install this update

To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates.

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4480056 for x64 and the file information for cumulative update 4480056 for x86.

Additional Information


Individual VSO bugs related to KB4480056

ID

Title

694879695225

response leads to info disclosure