• .NET Framework oddities and ESU issues highlight May patching


    By Susan Bradley

    For some Windows 7 users, May’s .NET Framework security updates proved to be a patching speed bump.

    On Patch Tuesday (May 12), Microsoft released .NET fixes for three new vulnerabilities. CVE-2020-0605 is a remote-code execution threat, CV-2020-1066 might allow elevation of privileges, and CVE-2020-1108 could result in denial-of-service attacks.

    But soon after the updates appeared, Win7 users reported installation failures. The upshot? The patches generally worked fine on systems with genuine (paid) and up-to-date Extended Security Updates (ESU) subscriptions.

    Read the full story in AskWoody Plus Newsletter 17.19.0 (2020-05-18).