PT-2018-9067 · Microsoft+1 · PowerShell Core+3
Published: 2018-01-09 · Updated: 2021-08-12
CVE-2018-0786
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions:
Microsoft .NET Framework versions 2.0 SP2 through 4.7.1
.NET Core versions 1.0 through 2.0
PowerShell Core version 6.0.0
Description:
A security feature bypass issue exists in the way certificates are validated. Affected components do not completely validate certificates: an attacker can present a certificate that is marked invalid for a specific use, and the component still uses it for that purpose, disregarding the certificate's Enhanced Key Usage (EKU) tagging.
Recommendations:
For Microsoft .NET Framework versions 2.0 SP2 through 4.7.1, update to a version that includes the security fix for the certificate validation issue.
For .NET Core versions 1.0 through 2.0, apply the necessary security patches to address the certificate validation vulnerability.
For PowerShell Core version 6.0.0, consider disabling the use of certificates until a patch is available that properly validates certificates.
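The Enhanced Key Usage check that the description says was disregarded can also be enforced explicitly in application code. The following C# sketch is an added example, not Microsoft's fix and not code from this advisory; the class and method names (EkuCheck, AllowsPurpose, MakeSample) and the self-signed sample certificate are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class EkuCheck
{
    const string EkuExtension = "2.5.29.37";        // extendedKeyUsage extension
    const string AnyExtendedKeyUsage = "2.5.29.37.0";
    const string ServerAuth = "1.3.6.1.5.5.7.3.1";  // id-kp-serverAuth
    const string CodeSigning = "1.3.6.1.5.5.7.3.3"; // id-kp-codeSigning

    // True only if the certificate's EKU permits purposeOid.
    // Per RFC 5280, a certificate without an EKU extension is not
    // restricted by EKU; one with the extension is limited to the
    // listed purposes (or anyExtendedKeyUsage).
    public static bool AllowsPurpose(X509Certificate2 cert, string purposeOid)
    {
        var eku = cert.Extensions[EkuExtension] as X509EnhancedKeyUsageExtension;
        if (eku == null)
            return true;
        foreach (Oid usage in eku.EnhancedKeyUsages)
            if (usage.Value == purposeOid || usage.Value == AnyExtendedKeyUsage)
                return true;
        return false;
    }

    // Constructed sample: a short-lived self-signed certificate whose EKU
    // lists exactly one purpose.
    static X509Certificate2 MakeSample(string ekuOid)
    {
        using (RSA key = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=constructed-sample", key,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            req.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(
                new OidCollection { new Oid(ekuOid) }, true));
            return req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1),
                                        DateTimeOffset.UtcNow.AddDays(1));
        }
    }

    static void Main()
    {
        // A code-signing-only certificate must be refused for TLS server auth.
        using (X509Certificate2 cert = MakeSample(CodeSigning))
        {
            Console.WriteLine("serverAuth allowed:  " + AllowsPurpose(cert, ServerAuth));
            Console.WriteLine("codeSigning allowed: " + AllowsPurpose(cert, CodeSigning));
        }
    }
}
```

This check covers only the leaf certificate's EKU and complements, rather than replaces, chain building and the vendor updates listed above; X509ChainPolicy.ApplicationPolicy is the framework's own way to require a purpose during chain validation.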
Weakness Enumeration:
Improper Certificate Validation
Affected Products:
.NET Core
.NET Framework
Alt Linux
PowerShell Core