Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS10-077: Vulnerability in the .NET Framework could allow remote code execution


View products that this article applies to.

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.

↑ Back to the top


INTRODUCTION

Microsoft has released security bulletin MS10-077. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update


Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top


More Information

The following file is available for download from the Microsoft Download Center:


Download Download the package now.

Release Date: October 12, 2010

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

To install this update, you must have Windows Installer 3.1 or a later version installed on the computer. To obtain the latest version of Windows Installer, visit the following Microsoft website:

 

Known issues with this security update

For more information about installation issues with this security update or with the Microsoft .NET Framework 4, click the following article number to view the article in the Microsoft Knowledge Base:
2436246 Updates for the .NET Framework may not have a fully localized setup experience

2431208 An update for the Microsoft .NET Framework may fail to install when the Microsoft .NET Framework 4 is installed and a restart is pending
2260913 Files in use or File Locks can Result in Framework Assembly Files being Deleted
2263996 Patching of Microsoft Framework can fail with Access is denied or File in Use error

2473228 Products or updates may not be installed correctly when Microsoft .NET Framework 4 or updates for Microsoft .NET Framework 4 are installed after the other product or update installs and a restart is pending

Command-line switches for this update

For information about the various command-line switches that are supported by this update, see the Windows Installer command-line switches document.



For more information about Windows Installer, visit the Windows Installer MSDN website.

Restart requirement

This update does not require a system restart after you apply it unless files being updated are locked or in use. However, installing this update will trigger a restart of all Internet Information Services (IIS)-related services. These include the IISADMIN, W3SVC, FTP, and SMTP services. This behavior occurs because a base component for the .NET Framework includes instructions for restarting these services. Therefore, every update to the product will execute the same restarting instructions. 

Update removal information

To remove this update, use the Add or Remove Programs item in Control Panel.
 

Update replacement information

This security update does not replace a previously released security update.


 

↑ Back to the top


FILE INFORMATION


The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.





Update for 64-bit x64 versions

LDR
File nameFile versionFile sizeDateTime
clrjit.dll4.0.30319.3361,524,55215-Jul-201015:13
Setup.exe10.0.30319.33678,15215-Jul-201014:40
SetupEngine.dll10.0.30319.336809,30415-Jul-201014:40
SetupUi.dll10.0.30319.336295,24815-Jul-201014:40
GDR
File nameFile versionFile sizeDateTime
clrjit.dll4.0.30319.2021,524,55215-Jul-201021:00

Update for 64-bit IA-64 versions

LDR
File nameFile versionFile sizeDateTime
clrjit.dll4.0.30319.3362,801,99215-Jul-201015:54
Setup.exe10.0.30319.33678,15215-Jul-201014:40
SetupEngine.dll10.0.30319.336809,30415-Jul-201014:40
SetupUi.dll10.0.30319.336295,24815-Jul-201014:40
GDR
File nameFile versionFile sizeDateTime
clrjit.dll4.0.30319.2022,801,99215-Jul-201021:50

↑ Back to the top


Keywords: kb, kbsurveynew, kbsecvulnerability, kbsecurity, kbsecreview, kbmustloc, kblangall, kbfix, kbexpertiseinter, kbbug, atdownload, kbsecbulletin

↑ Back to the top

Article Info
Article ID : 2160841
Revision : 2
Created on : 4/13/2020
Published on : 4/13/2020
Exists online : False
Views : 487