Computer Weekly

Microsoft patches zero-days in .NET and SQL Server

Two zero-day flaws in the form of a denial of service (DoS) issue in .NET and an elevation of privilege (EoP) issue in SQL Server top the agenda for security teams in Microsoft’s latest monthly Patch ...
Neowin

Microsoft says SQL Server adoption on Linux is 'phenomenal', ends support for SUSE distro

Microsoft SQL Server 2025 finally hit general availability today, following a private preview a year ago and a public preview back in May. That said, the AI-focused release is still in a public ...
Neowin

SQL Server Management Studio 22 is shaping up to be a decent release

Following the rollout of SQL Server 2025 Release Candidate 0 (RC0) in August, Microsoft revealed its plans for SQL Server Management Studio (SSMS) in September too. Among these for the upcoming ...
Bleeping Computer

Microsoft fixes highest-severity ASP.NET Core flaw ever

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. This HTTP request smuggling bug (CVE-2025-55315 ...
SecurityWeek

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability

CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes. Microsoft’s October Patch Tuesday updates addressed a critical-severity ...
Bleeping Computer

Microsoft says attackers use exposed ASP.NET keys to deploy malware

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, ...
Microsoft

Code injection attacks using publicly disclosed ASP.NET machine keys

In December 2024, Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver ...
SiliconANGLE

Big data company dbt Labs buys SDF Labs to improve SQL code comprehension

Big data engineering company dbt Labs Inc. today announced it’s buying SDF Labs Inc. in a merger of acronymic startups that promises to deliver improved data velocity and quality for their customers.
GitHub

ASP.NET Core 2.1 becomes ASP.NET Core 2.3

This issue is a locked mirror of dotnet/aspnetcore#58598. See that issue for discussion. We'll be reshipping ASP.NET Core 2.1 as ASP.NET Core 2.3 and encourage ASP.NET Core 2.2 users to update to it.
InfoWorld

6 security best practices for ASP.NET Core

Learn the best practices and built-in safeguards for preventing attacks and protecting sensitive data in your ASP.NET Core web applications. Today’s web applications are vulnerable to a variety of ...
InfoWorld

How to work with Dapper and SQLite in ASP.NET Core

When developing database-driven .NET and .NET Core, regardless of the database we intend to deploy in the end, we will often want to work with a database engine that is lightweight and fast, in order ...