.NET September 2023 Updates – .NET 7.0.11, .NET 6.0.22


Today, we are releasing the .NET September 2023 Updates. These updates contain security and non-security improvements. Your app may be vulnerable if you have not deployed a recent .NET update.

You can download 7.0.11 and 6.0.22 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.

Windows Package Manager CLI (winget)​

You can now install .NET updates using the Windows Package Manager CLI (winget):
  • To install the .NET 7 runtime: winget install dotnet-runtime-7
  • To install the .NET 7 SDK: winget install dotnet-sdk-7
  • To update an existing installation: winget upgrade
See Install with Windows Package Manager (winget) for more information.

Improvements​

Security​

Note: The vulnerabilities CVE-2023-36792, CVE-2023-36793, CVE-2023-36792, CVE-2023-36796 are all resolved by a single patch. Get this update to resolve all of them.

CVE-2023-36792 – .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36793 – .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36794 – .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36796 – .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36799 – .NET Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in .NET where reading a maliciously crafted X.509 certificate may result in Denial of Service. This issue only affects Linux systems.

Visual Studio​

See release notes for Visual Studio compatibility for .NET 7.0 and .NET 6.0.
Click to expand...

Source:
devblogs.microsoft.com

.NET September 2023 Updates – .NET 7.0.11, .NET 6.0.22 - .NET Blog

Check out latest September 2023 updates for .NET 7.0 and .NET 6.0
devblogs.microsoft.com devblogs.microsoft.com
 
Click to expand...
I Installed and Ran
Code: 
    To install the .NET 7 runtime: winget install dotnet-runtime-7
    To install the .NET 7 SDK: winget install dotnet-sdk-7
    To update an existing installation: winget upgrade

But I dont know how to upgrade

Code: 
Microsoft Windows [Version 10.0.22621.2215]
(c) Microsoft Corporation. All rights reserved.

C:\Windows\System32>winget upgrade
Name                                                    Id                           Version       Available     Source
-----------------------------------------------------------------------------------------------------------------------
Notepad++ (64-bit x64)                                  Notepad++.Notepad++          8.5.6         8.5.7         winget
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0… Microsoft.VCRedist.2013.x86  12.0.21005.1  12.0.40664.0  winget
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0… Microsoft.VCRedist.2012.x64  11.0.50727.1  11.0.61030.0  winget
Microsoft Visual C++ 2015-2022 Redistributable (x86) -… Microsoft.VCRedist.2015+.x86 14.36.32532.0 14.38.32919.0 winget
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0… Microsoft.VCRedist.2012.x86  11.0.50727.1  11.0.61030.0  winget
Microsoft Visual C++ 2015-2022 Redistributable (x64) -… Microsoft.VCRedist.2015+.x64 14.36.32532.0 14.38.32919.0 winget
6 upgrades available.

C:\Windows\System32>

any help?
Thanks
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    MSI
You must log in or register to reply here.

Similar threads

  • Article Article
.NET April 2024 Updates - .NET 8.0.4, 7.0.18, .NET 6.0.29
Replies
0
Views
673
Brink
Brink
  • Article Article
.NET March 2024 Updates - .NET 8.0.3, 7.0.17, .NET 6.0.28
Replies
2
Views
3K
Melchior
Melchior
  • Article Article
.NET October 2023 Security Updates – .NET 7.0.13, .NET 6.0.24
Replies
1
Views
939
HRPuffnstuff
HRPuffnstuff
  • Article Article
.NET February 2024 Updates - .NET 8.0.2, 7.0.16, .NET 6.0.27
Replies
0
Views
667
Brink
Brink
  • Article Article
.NET November 2023 Updates – .NET 7.0.14, .NET 6.0.25
Replies
0
Views
606
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom