To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Tech News Tech News George Stocker net C# Open-source Microsoft Cloud
Content provided by George Stocker. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by George Stocker or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Last Week in .NET « »
A CVE for every Season

4:16
 
Play
Playing
Share
 

MP3Episode home
Manage episode 302805647 series 2984906
Content provided by George Stocker. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by George Stocker or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Last Week in .NET - 3/13/2021

๐Ÿ’There's a new proposal for a "static abstract" keyword. My brain is foggy on the use-cases here; but let's go with it.

๐Ÿšจ Do you use System.Text.Encodings.Web? There's a vulnerability that has been patched. The vulnerability is captured in CVE-2021-26701

This vulnerability has been patched with the release of .NET 5.0.4, and .NET Core 3.1.13.

For .NET 5.0.4, .NET 3.1.13, and .NET 2.1.26 this is a patch release that contains the CVE Fix. The usual provisos apply and patch your systems.

๐ŸŽ‰ .NET 6.0.0 Preview 2 has been released. .NET 6.0.02 Preview 2 has been released. This release includes faster blazor compilation, CSS Isolation for ASP.NET MVC views and Razor pages, more blazor improvements, and some MAUI thrown in for good measure.

๐Ÿ•ท๐Ÿ‘จโ€โš•๏ธ .NET 6 introduced the Priority Queue and an enterprising Khalid Abuakumah shows how it works with a nice Avengers example Black Widow and Dr. Strange are far too down on his list, but other than that it's a pretty good ranking.

๐ŸŽฅ There's a Windbg video series out, and as someone who has had to suffer through the blog posts and documentation, I'm glad they've taken to video. You won't need Windbg until you do, and by then you'll wish you had already watched these videos.

๐Ÿ•ต๏ธโ€โ™‚๏ธ There's a nasty CVE out that details vulnerabilities in Microsoft's DNS server. You know, that server that generally serves AD environments? There's a paper out about the CVEs.

๐Ÿฆˆ Do you remember the Exchange CVE from last week? (If you haven't patched your Exchange server, please, do so. Now.), well some security researchers published a Proof of Concept on Github (PoC) and that PoC was taken down by Microsoft. Without any word from Microsoft, I can only take this as bad behavior on their part. Exposing this research only helps the pen-testers and security research community improve their craft; and the bad guys already had this information anyway. Taking it down from Github just reminds us that Microsoft owns Github; which may not be such a good. Plan accordingly.

๐Ÿง“๐ŸŽ Visual Studio now lets you remove unused references which brings it up to par with ReSharper from... 2012.

๐Ÿ‘ฎโ€โ™‚๏ธ Microsoft has a security scanner that can tell you if there are backdoors installed on your server I don't know if it can find rootkits, but there is a little comfort in this tool.

๐Ÿ•ต๏ธโ€โ™€๏ธ CISA has released new info on webshells created by the Exchange exploit. Keep a look out if you're an SRE.

Jobs

๐Ÿ’ฐ Microsoft has an opening for a Senior Program Manager in... Data Storage for its Azure team.

  continue reading

63 episodes

#Tech #News #Tech News #George Stocker #net C# Open-source Microsoft Cloud
Artwork

A CVE for every Season

Last Week in .NET

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 302805647 series 2984906
Content provided by George Stocker. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by George Stocker or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Last Week in .NET - 3/13/2021

๐Ÿ’There's a new proposal for a "static abstract" keyword. My brain is foggy on the use-cases here; but let's go with it.

๐Ÿšจ Do you use System.Text.Encodings.Web? There's a vulnerability that has been patched. The vulnerability is captured in CVE-2021-26701

This vulnerability has been patched with the release of .NET 5.0.4, and .NET Core 3.1.13.

For .NET 5.0.4, .NET 3.1.13, and .NET 2.1.26 this is a patch release that contains the CVE Fix. The usual provisos apply and patch your systems.

๐ŸŽ‰ .NET 6.0.0 Preview 2 has been released. .NET 6.0.02 Preview 2 has been released. This release includes faster blazor compilation, CSS Isolation for ASP.NET MVC views and Razor pages, more blazor improvements, and some MAUI thrown in for good measure.

๐Ÿ•ท๐Ÿ‘จโ€โš•๏ธ .NET 6 introduced the Priority Queue and an enterprising Khalid Abuakumah shows how it works with a nice Avengers example Black Widow and Dr. Strange are far too down on his list, but other than that it's a pretty good ranking.

๐ŸŽฅ There's a Windbg video series out, and as someone who has had to suffer through the blog posts and documentation, I'm glad they've taken to video. You won't need Windbg until you do, and by then you'll wish you had already watched these videos.

๐Ÿ•ต๏ธโ€โ™‚๏ธ There's a nasty CVE out that details vulnerabilities in Microsoft's DNS server. You know, that server that generally serves AD environments? There's a paper out about the CVEs.

๐Ÿฆˆ Do you remember the Exchange CVE from last week? (If you haven't patched your Exchange server, please, do so. Now.), well some security researchers published a Proof of Concept on Github (PoC) and that PoC was taken down by Microsoft. Without any word from Microsoft, I can only take this as bad behavior on their part. Exposing this research only helps the pen-testers and security research community improve their craft; and the bad guys already had this information anyway. Taking it down from Github just reminds us that Microsoft owns Github; which may not be such a good. Plan accordingly.

๐Ÿง“๐ŸŽ Visual Studio now lets you remove unused references which brings it up to par with ReSharper from... 2012.

๐Ÿ‘ฎโ€โ™‚๏ธ Microsoft has a security scanner that can tell you if there are backdoors installed on your server I don't know if it can find rootkits, but there is a little comfort in this tool.

๐Ÿ•ต๏ธโ€โ™€๏ธ CISA has released new info on webshells created by the Exchange exploit. Keep a look out if you're an SRE.

Jobs

๐Ÿ’ฐ Microsoft has an opening for a Senior Program Manager in... Data Storage for its Azure team.

  continue reading

63 episodes

#Tech #News #Tech News #George Stocker #net C# Open-source Microsoft Cloud

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play
icon
Help/FAQ | Advertise with Us
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox
Listen to this show while you explore
Play