MS16-035 – Important: Security Update for .NET Framework to Address Security Feature Bypass (3141780) – Version: 2.6

This post has been republished via RSS; it originally appeared at: Microsoft Security Bulletins.

Severity Rating: Important
Revision Note: V2.6 (November 8, 2016): Revised bulletin to announce that a detection change was made to account for .NET Framework 4.6.1 hotfix rollup customers who were not being properly offered security updates applicable to the .NET Framework 4.6.1.
Summary: This security update resolves a vulnerability in Microsoft .NET Framework. The security feature bypass exists in a .NET Framework component that does not properly validate certain elements of a signed XML document.