via @dotnet : .NET 10.0.7 Out-of-Band Security Update

https://ift.tt/M4BdDGe
#dotnet #dotnet10 #dotnetcore #AspNetCore #DataProtection #SecurityUpdate #OutOfBand #OOB #CVE202640372 #SecurityVulnerability #Decryption #HMAC #Encryption #ReleaseNotes #Downloads #SD…

Microsoft Fixes ASP.NET Core Bug That Enables Privilege Escalation

Microsoft just patched a critical bug in ASP.NET Core that could let hackers escalate their privileges and take control - and they've already released an out-of-band update to fix it. The flaw, tracked as CVE-2026-40372, carries a near-perfect CVSS score of 9.1, indicating a high severity threat.

https://osintsights.com/microsoft-fixes-aspnet-core-bug-that-enables-privilege-escalation?utm_source=mastodon&utm_medium=social

#PrivilegeEscalation #AspnetCore #Cve202640372 #Microsoft #OutofbandUpdate

Microsoft Disrupts ASP.NET Flaw Allowing SYSTEM Privilege Escalation

Microsoft has patched a critical ASP.NET Core vulnerability, CVE-2026-40372, that allowed unauthenticated attackers to forge authentication cookies and gain SYSTEM privileges on affected devices. This fix addresses a flaw in the ASP.NET Core Data Protection cryptographic APIs that could be exploited for privilege escalation.

https://osintsights.com/microsoft-disrupts-aspnet-flaw-allowing-system-privilege-escalation?utm_source=mastodon&utm_medium=social

#PrivilegeEscalation #Aspnet #Cve202640372 #SystemPrivileges #Microsoft

From the .NET blog...

In case you missed it earlier...

.NET 10.0.7 Out-of-Band Security Update
https://devblogs.microsoft.com/dotnet/dotnet-10-0-7-oob-security-update/ #dotnet #MaintenanceUpdates #NET10 #CVE202640372 #OOB #Security

From the .NET blog...

.NET 10.0.7 Out-of-Band Security Update
https://devblogs.microsoft.com/dotnet/dotnet-10-0-7-oob-security-update/ #dotnet #MaintenanceUpdates #NET10 #CVE202640372 #OOB #Security