First published: Tue Dec 13 2022(Updated: )
.NET Framework Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft .NET 6.0 | ||
Microsoft .NET 7.0 | ||
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x64 | =7.0.0 | 7.0.1 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x86 | =7.0.0 | 7.0.1 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64 | =7.0.0 | 7.0.1 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x86 | >=6.0.0<=6.0.11 | 6.0.12 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x64 | >=6.0.0<=6.0.11 | 6.0.12 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-arm64 | >=6.0.0<=6.0.11 | 6.0.12 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x86 | >=3.1.0<=3.1.31 | 3.1.32 |
nuget/Microsoft.WindowsDesktop.App.Runtime.win-x64 | >=3.1.0<=3.1.31 | 3.1.32 |
Microsoft PowerShell | ||
Microsoft PowerShell | ||
Microsoft Visual Studio 2019 | =16.11 | |
Microsoft .NET Framework 4 | =2.0 | |
Microsoft .NET Framework 4 | =4.6.2 | |
Microsoft .NET Framework 4 | =3.0 | |
Microsoft .NET Framework 4 | =4.6.2 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =3.5.1 | |
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =3.5=4.6=4.6.2 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =3.5=4.7.2 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.7.2 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Core Runtime | =3.1 | |
Visual Studio Community 2022 | =17.4 | |
Visual Studio Community 2022 | =17.2 | |
Visual Studio Community 2022 | =17.0 | |
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.8 | |
Any of | ||
Windows 10 | =20h2 | |
Windows 10 | =1809 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2022 | ||
All of | ||
Microsoft .NET Framework 4 | =4.8 | |
Any of | ||
Windows 10 | =21h1 | |
Windows 10 | =21h2 | |
Windows 10 | =1607 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows | ||
Microsoft Windows RT | ||
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server 2016 | ||
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =4.6 | |
Microsoft .NET Framework 4 | =4.6.1 | |
Microsoft .NET Framework 4 | =4.6.2 | |
Microsoft .NET Framework 4 | =4.7 | |
Microsoft .NET Framework 4 | =4.7.1 | |
Microsoft .NET Framework 4 | =4.7.2 | |
Any of | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows | ||
Microsoft Windows RT | ||
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.8.1 | |
Any of | ||
Windows 11 | ||
Windows 11 | ||
Microsoft Windows Server 2022 | ||
All of | ||
Microsoft .NET Framework 4 | =4.8.1 | |
Any of | ||
Windows 10 | =21h1 | |
Windows 10 | =21h2 | |
All of | ||
Microsoft .NET Framework 4 | =3.5.1 | |
Any of | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows Server | =r2-sp1 | |
All of | ||
Microsoft .NET Framework 4 | =3.5 | |
Any of | ||
Microsoft Windows | ||
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =2.0-sp2 | |
Microsoft .NET Framework 4 | =3.0-sp2 | |
Microsoft .NET Framework 4 | =4.6 | |
Microsoft Windows Server | =sp2 | |
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.6.2 | |
Microsoft .NET Framework 4 | =4.7 | |
Microsoft .NET Framework 4 | =4.7.1 | |
Microsoft .NET Framework 4 | =4.7.2 | |
Any of | ||
Windows 10 | =1607 | |
Microsoft Windows Server 2016 | ||
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.7.2 | |
Any of | ||
Windows 10 | =20h2 | |
Windows 10 | =1809 | |
Windows 11 | ||
Windows 11 | ||
Microsoft Windows Server 2019 | ||
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.8 | |
Windows 10 | =20h2 | |
Windows 10 | =1809 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2022 | ||
Windows 10 | =21h1 | |
Windows 10 | =21h2 | |
Windows 10 | =1607 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows | ||
Microsoft Windows RT | ||
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft .NET Framework 4 | =4.6 | |
Microsoft .NET Framework 4 | =4.6.1 | |
Microsoft .NET Framework 4 | =4.6.2 | |
Microsoft .NET Framework 4 | =4.7 | |
Microsoft .NET Framework 4 | =4.7.1 | |
Microsoft .NET Framework 4 | =4.7.2 | |
Microsoft Windows 7 | =sp1 | |
Microsoft .NET Framework 4 | =4.8.1 | |
Windows 11 | ||
Windows 11 | ||
Microsoft .NET Framework 4 | =3.5.1 | |
Microsoft .NET Framework 4 | =2.0-sp2 | |
Microsoft .NET Framework 4 | =3.0-sp2 | |
Microsoft Windows Server | =sp2 | |
Windows 10 | =20h2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-41089 is rated as critical due to its potential for remote code execution in the affected Microsoft .NET Framework versions.
To mitigate CVE-2022-41089, ensure you apply the latest security patches provided by Microsoft for the vulnerable .NET Framework versions.
CVE-2022-41089 affects several versions of the .NET Framework including 3.5, 4.6.2, 4.7, 4.7.1, and 4.8.
While no official workarounds are recommended, minimizing the use of applications relying on affected .NET versions may reduce exposure.
If using vulnerable versions of .NET Framework due to third-party applications, contact the software vendor for updates or patches addressing CVE-2022-41089.