Review MSMQ security advisory

- The patch is no longer "recently" released
- Customers cannot update to the "latest" version of NServiceBus as it does not support .NET Framework and therefore does not support MSMQ.

Author: mikeminutillo

security-advisories/msmq-permissions.md

@@ -1,12 +1,13 @@
 ---
 title: Security Advisory 2017-01-10
 summary: MSMQ permissions vulnerability
-reviewed: 2023-10-11
+reviewed: 2025-08-08
 ---
 
-This advisory discloses a security vulnerability that has been found in NServiceBus and fixed in a recently released hotfix.
+This advisory discloses a security vulnerability that has been found in NServiceBus and fixed in a hotfix.
 
- * All endpoints should be upgraded to the latest version of the NServiceBus package to fix this vulnerability if:
+ * All endpoints should be upgraded to fix this vulnerability if:
+   * using NServiceBus version 5 or version 6,
    * using the NServiceBus [MSMQ transport](/transports/msmq),
    * running the NServiceBus [installers](/nservicebus/operations/installers.md) to provision endpoints,
    * message queue access rights for Anonymous and Everyone accounts have been manually removed.
@@ -76,4 +77,4 @@ Update the NuGet package using `Update-Package NServiceBus`, stop affected endpo
 
 ## Contact Info
 
-If there are any questions or concerns regarding this advisory, send an email to [[email protected]](mailto://[email protected]).
+If there are any questions or concerns regarding this advisory, send an email to [[email protected]](mailto://[email protected]).