Security News > 2023 > February > Microsoft sweeps up after breaking .NET with December security updates
Microsoft this week rolled out fixes to issues caused by security updates released in December 2022 that botched how XPS documents are displayed in various versions of.
Some users who installed the security updates for those developer platforms saw problems with how Windows Presentation Foundation applications rendered XPS documents.
"Additionally, some inline images may not display correctly, or Null reference exceptions might happen when XPS documents are loaded into WPF-based readers."
A second workaround called for using a registry entry to disable the enhanced security operation, with Microsoft cautioning that the move "Should only be done if you know for certain that all XPS documents your system processes are trustable, for example they are generated by your system, rather than uploaded to your system, and they cannot be changed by anyone."
Micrsoft;'s hard pressed users can continue to use Windows' built-in XPS viewer application to safely view untrusted XPS documents.
They can get the out-of-band update package through the Microsoft Update Catalog or manually import the fixes into Windows Server Update Services and Microsoft Endpoint Configuration Manager.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/02/01/microsoft_fix_dotnet_xps/
Related news
- Microsoft shares workaround for Windows security update issues (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- AI agents swarm Microsoft Security Copilot (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)