Tag

Out Of Band

All articles tagged with #out of band

security1 month ago•3 min saved

Microsoft patches critical ASP.NET Core data-protection flaw to curb cookie forgery

Microsoft released out-of-band security updates for a critical ASP.NET Core Data Protection vulnerability (CVE-2026-40372) that could let unauthenticated attackers forge authentication cookies and gain SYSTEM privileges. The flaw comes from a regression in the 10.0.0–10.0.6 NuGet packages, which could cause forged payloads to bypass authenticity checks; upgrading to 10.0.7 and redeploying with a rotated DataProtection key ring fixes the issue. This follows April’s Patch Tuesday and includes additional out-of-band Windows Server fixes. No service disruption is reported, but applications using DataProtection should update promptly to prevent token forgery and data exposure.

via BleepingComputer|

#aspnet-core #cve-2026-40372 #data-protection

technology4 months ago•47 min saved

Microsoft pushes a second Windows 11 emergency update to fix Patch Tuesday chaos

Microsoft released a second emergency out-of-band update for Windows 11 (KB5078127) to fix a bug that left Outlook and cloud-based apps like OneDrive and Dropbox unusable after January Patch Tuesday; the update, targeting 24H2 and 25H2, includes fixes for unresponsiveness when opening/saving to cloud storage and follows an earlier OOB patch that resolved remote desktop and hibernation issues but briefly broke app compatibility. The rollout spans multiple Windows editions, with guidance to check the Windows release health dashboard for current status.

via Windows Central|

#kb5078127 #microsoft #out-of-band