Microsoft Discloses New .NET Remote Code Execution Vulnerability

Microsoft has released a security report detailing a newly discovered vulnerability affecting various .NET software versions.

The flaw, tracked as CVE-2022-41089, is a remote code execution vulnerability that affects the following products:

• .NET 7.0 WinForms or WPF applications running on .NET 7.0.0 or earlier
• .NET 6.0 WinForms or WPF applications running on .NET 6.0.11 or earlier
• .NET Core 3.1 WinForms or WPF applications running on .NET 3.1.31 or earlier

Exploiting the vulnerability could allow threat actors to run arbitrary code on compromised machines by parsing maliciously crafted XPS files. Microsoft has yet to identify mitigations for the flaw.

According to the security advisory, the vulnerability doesn’t affect applications that don’t use WinForms or WPF and applications targeting any non-Windows platform, such as Android, Linux, iOS and Mac.

The announcement includes a list of exposed package versions and a stern recommendation to update to the latest version of .NET to prevent attacks exploiting the flaw.

Users who have installed .NET SDKs through Visual Studio should update the host application, which will automatically update any outdated SDKs. Self-contained applications targeting impacted versions are also vulnerable to the flaw; they must be recompiled and redeployed to fix the issue.

Although .NET 7.0, .NET 6.0, and .NET Core 3.1 updates can be downloaded and installed manually, they can also be found within Microsoft Update. A quick way to check if you’re up to date is by typing “Check for updates” in the Windows search bar and accessing the appropriate option from the results list.

After installing the updated runtimes or SDKs, restart the apps for the updates to take effect.

Specialized software such as Bitdefender Ultimate Security can keep you safe from exploitable vulnerabilities and other e-threats with its extensive library of features, including:

• Continuous, all-around protection from zero-day exploits, viruses, Trojans, worms, rootkits, ransomware, spyware and other cyberthreats
• Vulnerability assessment module that detects missing Windows security updates, outdated and vulnerable software on your PC and indicates the best fix
• Behavioral detection technology that monitors active apps and takes instant action upon detecting suspicious activity
• Threat prevention module that analyzes and repels network-level suspicious activity