Looking for an Expert Development Team? Take two weeks Trial! Try Now

Microsoft announcing Web API 2.1, MVC 5.1, and Web Pages 3.1 for Asp.net

banner
img

Asp.net developers and researchers is that Web API 2.1, MVC 5.1, and Web Pages 3.1 for asp.net development are live now on Microsoft .net site.

You can use NuGet Package Manager Console to quickly install Web API 2.1, MVC 5.1, and Web Pages 3.1 releases for asp.net development. Here you have to type commands like this –

Install-Package Microsoft.asp.net.technologyname-version

For example –

  • Install-Package Microsoft.asp.net.Webapi-2.1
  • Install-Package Microsoft.asp.net.mvc-5.1
  • Install-Package Microsoft.asp.net.webpages-3.1

There is some prerequisite mandatory for these releases. You have to use updated version for Microsoft visual studio to use all latest releases on your computer. To use MVC 5.1, download “Visual Studio 2013 Update 1” otherwise you would not be able to edit MVC apps.

List of features in latest releases

MVC 5.1

  • Improvements for attribute routing
  • Template editors are supported by bootstrap loader
  • Views are supported by ENUM
  • Unobtrusive validation for Max Length / Min Length attributes
  • AJAX improvements for “this” context
  • Bug Fixing

Web API 2.1

  • Intelligent handling of global errors
  • Improvements for attribute routing
  • Help guide improvements
  • Support for IgnoreRoute
  • Asynchronous filter support
  • Effective parsing technique for library formatting
  • Bug fixing

Web Pages 3.1

  • Bug Fixing

Tutorials and Help Guide is available for all these releases on Microsoft asp.net website. You can discuss about latest asp.net releases on .net forums and also submit your queries about the same. You can also discuss with Aegis asp.net development company India for latest updates on .net and other technologies.

Security and Quality Updates on .Net Framework

Microsoft has released Cumulative update in July 2019, Security and Quality Rollup, and Security only update for .net framework.

Security

CVE-2019-1006 – WCF/WIF SAML Token Authentication Bypass Vulnerability

It is an authentication bypass vulnerability that is available in WCF and WIF. Its purpose is to allow signing of SAML tokens with arbitrary symmetric keys. This vulnerability lets an attacker to impersonate another user, which can result in elevation of privileges. The vulnerability is available in WCF, the version of WIF 3.5 and above in .net framework, WIF Nuget Package, WIF 1.0 component in Windows, WIF Implementation in SharePoint. This vulnerability can be exploited by an unauthentic attacker while signing a SAML token with any arbitrary symmetric key.

CVE-2019-1083 - .Net Denial of Service Vulnerability

.Net Denial of Service Vulnerability exists when MS CORL (Common Object Runtime Library) doesn’t able to handle web requests properly. When an attacker exploits this vulnerability, he could cause a denial of service against a .net web app. An unauthenticated attacker remotely could exploit this vulnerability by simply issuing specially made requests to the .net app.

CVE-2019-1113 .Net framework remote code execution vulnerability

Remote code execution vulnerability is there in .net software app when the app fails to check the file’s source markup. An unauthentic attacker could run arbitrary code within the context of current user once he exploits the vulnerability. If the current user signs in with admin user rights, the attacker could take control of the exploited system. He could later install programs, delete data, view, change, or create new accounts with complete user rights. If a user account is configured to have limited user rights on the system, it could be less impacted.

When a user opens a specially crafted file with an affected .net framework version, exploitation of vulnerability takes place.

The security update reveals the vulnerability by correcting how the framework measures the source markup of a file.

How to get this update?

The Cumulative update and Security and Quality update can be installed through Windows Update, Windows Server Update Services, MS Update Catalog, and Docker. The Security Only Update can be installed through Windows Server Update Services and MS Update Catalog.

.Net Cumulative Quality and Reliability update

Microsoft has released Cumulative update for .net 3.5 and 4.8 framework on Windows 10. The release includes the following quality and reliability enhancements –

  • Enhances the memory allocation and cleanup scheduling behavior.
  • Addresses an InvalidOperationException that can happen during weak-event cleanup.
  • Addresses InvalidOperationException errors and more
  • Support for IgnoreRoute
  • Asynchronous filter support
  • Effective parsing technique for library formatting
  • Bug fixing

How to get this update?

You can get this update through Windows Update, WSUS, and Microsoft Update Catalog.

For further information, mail us at [email protected]

DMCA Logo do not copy