First published: Tue Dec 13 2022(Updated: )
.NET Framework Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Visual Studio 2022 | =17.2 | |
Microsoft Visual Studio 2019 (includes 16.0 - 16.10) | =16.11 | |
Microsoft .NET 6.0 | ||
Microsoft Visual Studio 2022 | =17.0 | |
Microsoft Visual Studio 2022 | =17.4 | |
Microsoft .NET 7.0 | ||
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x64 | =7.0.0 | 7.0.1 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x86 | =7.0.0 | 7.0.1 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64 | =7.0.0 | 7.0.1 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x86 | >=6.0.0<=6.0.11 | 6.0.12 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x64 | >=6.0.0<=6.0.11 | 6.0.12 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64 | >=6.0.0<=6.0.11 | 6.0.12 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x86 | >=3.1.0<=3.1.31 | 3.1.32 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x64 | >=3.1.0<=3.1.31 | 3.1.32 |
Microsoft .NET Core | =3.1 | |
Microsoft .NET Framework | =3.5 | |
Microsoft .NET Framework | =4.8 | |
Microsoft Windows 10 | =20h2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2022 | ||
Microsoft Windows 10 | =21h1 | |
Microsoft Windows 10 | =21h2 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT | ||
Microsoft Windows Server 2008 Itanium | =r2-sp1 | |
Microsoft Windows Server 2012 x64 | ||
Microsoft Windows Server 2012 x64 | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft .NET Framework | =4.6 | |
Microsoft .NET Framework | =4.6.1 | |
Microsoft .NET Framework | =4.6.2 | |
Microsoft .NET Framework | =4.7 | |
Microsoft .NET Framework | =4.7.1 | |
Microsoft .NET Framework | =4.7.2 | |
Microsoft Windows 7 | =sp1 | |
Microsoft .NET Framework | =4.8.1 | |
Microsoft Windows 11 | ||
Microsoft Windows 11 | ||
Microsoft .NET Framework | =3.5.1 | |
Microsoft .NET Framework | =2.0-sp2 | |
Microsoft .NET Framework | =3.0-sp2 | |
Microsoft Windows Server 2008 Itanium | =sp2 | |
Microsoft Windows 10 | =20h2 | |
Microsoft PowerShell Core | ||
Microsoft PowerShell Core | ||
All of | ||
Any of | ||
Microsoft .NET Framework | =3.5 | |
Microsoft .NET Framework | =4.8 | |
Any of | ||
Microsoft Windows 10 | =20h2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2022 | ||
All of | ||
Microsoft .NET Framework | =4.8 | |
Any of | ||
Microsoft Windows 10 | =21h1 | |
Microsoft Windows 10 | =21h2 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT | ||
Microsoft Windows Server 2008 Itanium | =r2-sp1 | |
Microsoft Windows Server 2012 x64 | ||
Microsoft Windows Server 2012 x64 | =r2 | |
Microsoft Windows Server 2016 | ||
All of | ||
Any of | ||
Microsoft .NET Framework | =4.6 | |
Microsoft .NET Framework | =4.6.1 | |
Microsoft .NET Framework | =4.6.2 | |
Microsoft .NET Framework | =4.7 | |
Microsoft .NET Framework | =4.7.1 | |
Microsoft .NET Framework | =4.7.2 | |
Any of | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT | ||
Microsoft Windows Server 2008 Itanium | =r2-sp1 | |
Microsoft Windows Server 2012 x64 | ||
Microsoft Windows Server 2012 x64 | =r2 | |
All of | ||
Any of | ||
Microsoft .NET Framework | =3.5 | |
Microsoft .NET Framework | =4.8.1 | |
Any of | ||
Microsoft Windows 11 | ||
Microsoft Windows 11 | ||
Microsoft Windows Server 2022 | ||
All of | ||
Microsoft .NET Framework | =4.8.1 | |
Any of | ||
Microsoft Windows 10 | =21h1 | |
Microsoft Windows 10 | =21h2 | |
All of | ||
Microsoft .NET Framework | =3.5.1 | |
Any of | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows Server 2008 Itanium | =r2-sp1 | |
All of | ||
Microsoft .NET Framework | =3.5 | |
Any of | ||
Microsoft Windows 8.1 | ||
Microsoft Windows Server 2012 x64 | ||
Microsoft Windows Server 2012 x64 | =r2 | |
All of | ||
Any of | ||
Microsoft .NET Framework | =2.0-sp2 | |
Microsoft .NET Framework | =3.0-sp2 | |
Microsoft .NET Framework | =4.6 | |
Microsoft Windows Server 2008 Itanium | =sp2 | |
All of | ||
Any of | ||
Microsoft .NET Framework | =3.5 | |
Microsoft .NET Framework | =4.6.2 | |
Microsoft .NET Framework | =4.7 | |
Microsoft .NET Framework | =4.7.1 | |
Microsoft .NET Framework | =4.7.2 | |
Any of | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows Server 2016 | ||
All of | ||
Any of | ||
Microsoft .NET Framework | =3.5 | |
Microsoft .NET Framework | =4.7.2 | |
Any of | ||
Microsoft Windows 10 | =20h2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 11 | ||
Microsoft Windows 11 | ||
Microsoft Windows Server 2019 | ||
Microsoft .NET Framework | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework | =4.8 | |
Microsoft .NET Framework | =4.6.2 | |
Microsoft .NET Framework | =3.5.1 | |
Microsoft .NET Framework | =3.0 | |
Microsoft .NET Framework | =2.0 | |
Microsoft .NET Framework | =4.6.2 | |
Microsoft .NET Framework | =4.8 | |
Microsoft .NET Framework | =4.8 | |
Microsoft .NET Framework | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework | =3.5 | |
Microsoft .NET Framework | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework | =4.8 | |
Microsoft .NET Framework | =3.5 | |
Microsoft .NET Framework | =3.5=4.6=4.6.2 | |
Microsoft .NET Framework | =3.5=4.8 | |
Microsoft .NET Framework | =3.5=4.7.2 | |
Microsoft .NET Framework | =4.8 | |
Microsoft .NET Framework | =3.5=4.7.2 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8 | |
Microsoft .NET Framework | =3.5=4.8 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8.1 | |
Microsoft .NET Framework | =3.5=4.8 | |
Microsoft .NET Framework | =4.8 | |
Microsoft .NET Framework | =3.5=4.8.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-41089 is rated as critical due to its potential for remote code execution in the affected Microsoft .NET Framework versions.
To mitigate CVE-2022-41089, ensure you apply the latest security patches provided by Microsoft for the vulnerable .NET Framework versions.
CVE-2022-41089 affects several versions of the .NET Framework including 3.5, 4.6.2, 4.7, 4.7.1, and 4.8.
While no official workarounds are recommended, minimizing the use of applications relying on affected .NET versions may reduce exposure.
If using vulnerable versions of .NET Framework due to third-party applications, contact the software vendor for updates or patches addressing CVE-2022-41089.