Endpoint VulnerabilitySecurity Vulnerabilities fixed in .NET Framework MS15-041
Description
ASP.NET improperly handles requests when custom error messages are disabled, causing information disclosure of web configuration files on IIS servers with verbose errors; the Microsoft update removes file content from error messages to mitigate the vulnerability.
Affected Applications
Windows 7
Windows Server 2008 R2
Windows 8
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2026-04-05 | 1.00970 |
New
|
Windows 7,Windows Server 2008 R2,Windows 8,Windows 8. 1,Windows Server 2012,Windows Server 2012 R2,Windows RT 8. 1,Microsoft . NET Framework 3. 5,Microsoft . NET Framework 3. 5. 1 |
| 2019-09-11 | 1.00194 |
Modified
|
Windows 7,Windows Server 2008 R2,Windows 8,Windows 8. 1,Windows Server 2012,Windows Server 2012 R2,Windows RT 8. 1,Microsoft . NET Framework 3. 5,Microsoft . NET Framework 3. 5. 1 |
| ID | 24087 |
| Created | Apr 05, 2026 |
| Description Updated |
Apr 05, 2026 |
| CVE ID | |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Windows 7 , Windows Server 2008 R2 , Windows 8 , Windows 8.1 , Windows Server 2012 , Windows Server 2012 R2 , Windows RT 8.1 , Microsoft .NET Framework 3.5 , Microsoft .NET Framework 3.5.1 |