Telerik UI for ASP.NET AJAX R1 2020 (version 2020.1.114) Retail: How to Upgrade from Previous Versio

If you have an active license go the the Downloads section, look for version 2020.1.114 or later in the Version dropdown and download the Telerik_UI_for_ASP.NET_AJAX_2020_1_114_Dev_hotfix.zip archive. You can see how to update your project here. For any questions, you can contact us via the support ticketing system.

Due to the .NET JavaScriptSerializer Deserialization (CVE-2019-18935) vulnerability, we strongly recommend upgrading to R1 2020 (version 2020.1.114) or later since the patches provided for CVE-2017-9248, CVE-2017-1135, CVE-2014-2217 and CVE-2017-11317 do not prevent it.

Telerik UI for ASP.NET AJAX R1 2020 (version 2020.1.114) Retail

Download File: https://urluso.com/2vIFjV

Due to the .NET JavaScriptSerializer Deserialization (CVE-2019-18935) vulnerability, we strongly recommend upgrading to R1 2020 (version 2020.1.114) or later since the patches provided for CVE-2017-1135, CVE-2014-2217 and CVE-2017-11317 do not prevent it.

Due to the .NET JavaScriptSerializer Deserialization (CVE-2019-18935) vulnerability, we strongly recommend upgrading to R1 2020 (version 2020.1.114) or later since the patches provided for CVE-2014-2217 and CVE-2017-11317 do not prevent it.

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. (As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not earlier versions, a non-default setting can prevent exploitation.)

2ff7e9595c