General information about SQL Server Extended Eventsand Accessing ClientConnectionID through SqlClient for .NET Framework.. Issues that this update resolves. Click here to view or hide detailed information Issue 1: Cannot set the WWW-Authenticate HTTP Response header in self-hosted WCF service scenarios

1 Common Language Runtime (CLR). More information. The following articles provide information about supported .NET Framework versions for this Windows version. This includes the month and year of release, update replacement information, and help and support information for the update.

Summary. A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could take control of an affected system.

Summary. This security update resolves a vulnerability in Microsoft .NET Framework that could allow remote code execution when .NET Framework processes untrusted input.

Summary. This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.

IMPORTANT Some customers who use Windows Server 2008 R2 SP1 and have activated their ESU multiple activation key (MAK) add-on before installing the January 14, 2020 updates might need to re-activate their key. Re-activation on the affected devices should only be required once. For information on activation, see this blog post.

A denial of service vulnerability exists when .NET Framework improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Framework web application.

View products that this article applies to. Summary. This security update for the Microsoft .NET Framework resolves a security feature bypass vulnerability in which the .NET Framework (and the .NET Core) components don't completely validate certificates.

Summary. Denial of service vulnerabilities exist when .NET Framework incorrectly handles objects in heap memory, or when .NET Framework and .NET Core incorrectly process RegEx strings.

View products that this article applies to. Summary. This security update for the Microsoft .NET Framework resolves a security feature bypass vulnerability in which the .NET Framework (and the .NET Core) components don't completely validate certificates.