CSO Online

Hidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fix

Researcher warns that many .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxy ...

Microsoft bounty program now includes any flaw impacting its services

Microsoft now pays security researchers for finding critical vulnerabilities in any of its online services, regardless of whether the code was written by Microsoft or a third party.
The Hacker News

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.
InfoQ

ASP.NET Core in .NET 10: Major Updates Across Blazor, APIs, and OpenAPI

Microsoft has detailed the major updates to ASP.NET Core arriving as part of last month's .NET 10 release. As reported, this ...
InfoQ

Microsoft Introduces Postgres-Compatible Azure HorizonDB

During the recent Microsoft Ignite conference, the cloud provider announced the early preview of Azure HorizonDB, a managed Postgres-compatible database service for enterprise workloads.
Visual Studio Magazine

Microsoft Tests Copilot-Powered Tool to Modernize JavaScript/TypeScript in VS Code

Microsoft previews a GitHub Copilot-powered VS Code Insiders tool that modernizes JavaScript/TypeScript apps by upgrading npm ...