MS14-036: Description of the security update for Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, and Windows Server 2003: June 10, 2014

View products that this article applies to.

Introduction

This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync that could allow remote code execution if a user opens a specially crafted file or webpage. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

↑ Back to the top

Summary

Microsoft has released security bulletin MS14-036. To learn more about this security bulletin:

Home users:
https://www.microsoft.com/security/pc-security/updates.aspx
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
https://update.microsoft.com/microsoftupdate/
IT professionals:
https://technet.microsoft.com/library/security/MS14-036

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top

FILE INFORMATION

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information

The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x86-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Spuninst.exe	6.3.4.1	221,488	08-Jul-2010	14:23	x86	None	Not applicable
Gdiplus.dll	5.2.6002.23386	1,748,992	05-May-2014	13:23	x86	SP2	SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	398	05-May-2014	13:23	Not applicable	SP	SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	608	05-May-2014	13:23	Not applicable	SP2	SP2QFE\ASMS\10\POLICY\MSFT\WINDOWS\GDIPLUS

For all supported x64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Spuninst.exe	6.3.4.1	293,168	06-May-2014	02:14	x64	None	Not applicable
Gdiplus.dll	5.2.6002.23386	2,193,920	06-May-2014	02:10	x64	SP2	SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	400	06-May-2014	02:10	Not applicable	SP	SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	612	06-May-2014	02:10	Not applicable	SP2	SP2QFE\ASMS\10\POLICY\MSFT\WINDOWS\GDIPLUS
Gdiplus.dll	5.2.6002.23386	1,748,992	06-May-2014	02:10	x86	SP2	SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	398	06-May-2014	02:10	Not applicable	SP	SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	608	06-May-2014	02:10	Not applicable	SP2	SP2QFE\ASMS\X86\10\POLICY\MSFT\WINDOWS\GDIPLUS

For all supported IA-64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Spuninst.exe	6.3.4.1	501,552	06-May-2014	02:14	IA-64	None	Not applicable
Gdiplus.dll	5.2.6002.23386	4,913,152	06-May-2014	02:09	IA-64	SP2	SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	399	06-May-2014	02:09	Not applicable	SP	SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	610	06-May-2014	02:09	Not applicable	SP2	SP2QFE\ASMS\10\POLICY\MSFT\WINDOWS\GDIPLUS
Gdiplus.dll	5.2.6002.23386	1,748,992	06-May-2014	02:09	x86	SP2	SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	398	06-May-2014	02:09	Not applicable	SP	SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.man	Not applicable	608	06-May-2014	02:09	Not applicable	SP2	SP2QFE\ASMS\X86\10\POLICY\MSFT\WINDOWS\GDIPLUS

Windows Vista and Windows Server 2008 file information

The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

Version Product Milestone Service branch
6.0.6002.18xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 GDR
6.0.6002.23xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Version	Product	Milestone	Service branch
6.0.6002.18xxx	Windows Vista SP2 and Windows Server 2008 SP2	SP2	GDR
6.0.6002.23xxx	Windows Vista SP2 and Windows Server 2008 SP2	SP2	LDR

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Gdiplus.dll	5.2.6002.19096	1,748,992	26-Apr-2014	16:00	x86
Gdiplus.dll	5.2.6002.23386	1,748,992	26-Apr-2014	16:53	x86
Gdiplus.dll	6.0.6002.19096	1,839,104	26-Apr-2014	16:00	x86
Gdiplus.dll	6.0.6002.23386	1,839,104	26-Apr-2014	16:53	x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Gdiplus.dll	5.2.6002.19096	2,193,408	26-Apr-2014	18:16	x64
Gdiplus.dll	5.2.6002.23386	2,193,920	26-Apr-2014	17:59	x64
Gdiplus.dll	6.0.6002.19096	2,424,832	26-Apr-2014	18:16	x64
Gdiplus.dll	6.0.6002.23386	2,425,344	26-Apr-2014	17:59	x64
Gdiplus.dll	5.2.6002.19096	1,748,992	26-Apr-2014	16:00	x86
Gdiplus.dll	5.2.6002.23386	1,748,992	26-Apr-2014	16:53	x86
Gdiplus.dll	6.0.6002.19096	1,839,104	26-Apr-2014	16:00	x86
Gdiplus.dll	6.0.6002.23386	1,839,104	26-Apr-2014	16:53	x86

For all supported IA-64-based versions of Windows Server 2008

File name	File version	File size	Date	Time	Platform
Gdiplus.dll	5.2.6002.19096	4,912,128	26-Apr-2014	17:44	IA-64
Gdiplus.dll	5.2.6002.23386	4,913,152	26-Apr-2014	16:32	IA-64
Gdiplus.dll	6.0.6002.19096	5,267,968	26-Apr-2014	17:44	IA-64
Gdiplus.dll	6.0.6002.23386	5,268,480	26-Apr-2014	16:32	IA-64
Gdiplus.dll	5.2.6002.19096	1,748,992	26-Apr-2014	16:00	x86
Gdiplus.dll	5.2.6002.23386	1,748,992	26-Apr-2014	16:53	x86
Gdiplus.dll	6.0.6002.19096	1,839,104	26-Apr-2014	16:00	x86
Gdiplus.dll	6.0.6002.23386	1,839,104	26-Apr-2014	16:53	x86

Windows 7 and Windows Server 2008 R2 file information

The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.1.7601.18xxx Windows 7 and Windows Server 2008 R2 SP1 GDR
6.1.7601.22xxx Windows 7 and Windows Server 2008 R2 SP1 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Version	Product	Milestone	Service branch
6.1.7601.18xxx	Windows 7 and Windows Server 2008 R2	SP1	GDR
6.1.7601.22xxx	Windows 7 and Windows Server 2008 R2	SP1	LDR

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File name	File version	File size	Date	Time	Platform
Gdiplus.dll	5.2.7601.18455	1,723,392	26-Apr-2014	02:07	x86
Gdiplus.dll	5.2.7601.22667	1,723,392	26-Apr-2014	01:55	x86
Gdiplus.dll	6.1.7601.18455	1,625,600	26-Apr-2014	02:07	x86
Gdiplus.dll	6.1.7601.22667	1,626,624	26-Apr-2014	01:55	x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Gdiplus.dll	5.2.7601.18455	2,293,760	26-Apr-2014	02:32	x64
Gdiplus.dll	5.2.7601.22667	2,293,760	26-Apr-2014	02:24	x64
Gdiplus.dll	6.1.7601.18455	2,166,272	26-Apr-2014	02:32	x64
Gdiplus.dll	6.1.7601.22667	2,166,784	26-Apr-2014	02:24	x64
Gdiplus.dll	5.2.7601.18455	1,723,392	26-Apr-2014	02:07	x86
Gdiplus.dll	5.2.7601.22667	1,723,392	26-Apr-2014	01:55	x86
Gdiplus.dll	6.1.7601.18455	1,625,600	26-Apr-2014	02:07	x86
Gdiplus.dll	6.1.7601.22667	1,626,624	26-Apr-2014	01:55	x86

For all supported IA-64-based versions of Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Gdiplus.dll	5.2.7601.18455	4,923,904	26-Apr-2014	01:43	IA-64
Gdiplus.dll	5.2.7601.22667	4,923,904	26-Apr-2014	01:41	IA-64
Gdiplus.dll	6.1.7601.18455	4,603,392	26-Apr-2014	01:43	IA-64
Gdiplus.dll	6.1.7601.22667	4,604,928	26-Apr-2014	01:41	IA-64
Gdiplus.dll	5.2.7601.18455	1,723,392	26-Apr-2014	02:07	x86
Gdiplus.dll	5.2.7601.22667	1,723,392	26-Apr-2014	01:55	x86
Gdiplus.dll	6.1.7601.18455	1,625,600	26-Apr-2014	02:07	x86
Gdiplus.dll	6.1.7601.22667	1,626,624	26-Apr-2014	01:55	x86

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: kbsurveynew, kbsecvulnerability, kbsecurity, kbsecreview, kbsecbulletin, atdownload, kblangall, kbfix, kbexpertiseinter, kbbug, kb, kbmustloc

↑ Back to the top

Article Info

Article ID	:	2957503
Revision	:	1
Created on	:	1/7/2017
Published on	:	6/10/2014
Exists online	:	False
Views	:	473

Microsoft KB Archive Search

MS14-036: Description of the security update for Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, and Windows Server 2003: June 10, 2014

Introduction

Summary

How to obtain help and support for this security update

FILE INFORMATION

For all supported x86-based versions of Windows Server 2003

For all supported x64-based versions of Windows Server 2003

For all supported IA-64-based versions of Windows Server 2003

For all supported x86-based versions of Windows Vista and Windows Server 2008

For all supported x64-based versions of Windows Vista and Windows Server 2008

For all supported IA-64-based versions of Windows Server 2008

For all supported x86-based versions of Windows 7

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

For all supported IA-64-based versions of Windows Server 2008 R2

Applies to: