Microsoft security bulletin MS14-057

This is the place to report bugs and get support. When posting in this forum, please always provide as much detail as possible.

Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum, do not report it as a bug.

This is the place to report bugs and get support

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

  • What operating system were you running when the bug appeared?
  • What database platform is your site using?
  • What version of mojoPortal are you running?
  • What version of .NET do you use?
  • What steps are necessary to reproduce the issue? Compare expected results vs actual results.
Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum.
This thread is closed to new posts. You must sign in to post in the forums.
10/14/2014 3:43:54 PM
Gravatar
Total Posts 1188
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Microsoft security bulletin MS14-057

Hi everyone, this isn't a bug in mojoPortal, but in .NET itself. This is an especially bad one for .NET 4.5, since the vulnerable feature (iriParsing) is enabled by default in .NET 4.5 and can't be switched off. This vulnerability can lead to remote code execution, so you should patch your servers as soon as possible, or notify your hosting provider to do so.

The patch is now available through Windows Update, as part of the regularly scheduled Windows 2nd Tuesday patches.

https://technet.microsoft.com/library/security/ms14-057

You must sign in to post in the forums. This thread is closed to new posts.