Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. MS14-046: Vulnerability in the .NET Framework could allow security feature bypass: August 12, 2014

MS14-046: Vulnerability in the .NET Framework could allow security feature bypass: August 12, 2014

Introduction

This update resolves a vulnerability in the Microsoft .NET Framework that could bypass the Address Space Layout Randomization (ASLR) security feature if a user goes to a specially crafted website.

↑ Back to the top

Summary

Microsoft has released security bulletin MS14-046. Learn more about how to obtain the fixes that are included in this security bulletin: 

↑ Back to the top

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

↑ Back to the top

More Information

More information about this update

The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information to the individual updates such as download URL, prerequisites and command line switches.



The Microsoft .NET Framework 3.5.1
  • 2943357  MS14-046: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: August 12, 2014
  • 2937610  MS14-046: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: August 12, 2014
The Microsoft .NET Framework 3.5
  • 2966828  MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 12, 2014





    Known issues in security update 2966828:
    • After you install security update 2966828 (described in Microsoft Security Bulletin MS14-046) for the Microsoft .NET Framework 3.5, and then you try to enable the Microsoft .NET Framework 3.5 optional feature in Windows Features for the very first time, the feature may not install. You may notice this failure if you "stage" the installation before you add the Microsoft .NET Framework 3.5 feature. For more information about how to work around this issue, click the following article number to view the article in the Microsoft Knowledge Base:
      3002547  Enabling the Microsoft .NET Framework 3.5 optional Windows feature on Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2 may fail after you install security update 2966827 or 2966828
  • 2966826  MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 12, 2014
  • 2966827  MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 12, 2014



    Known issues in security update 2966827:
    • After you install security update 2966827 (described in Microsoft Security Bulletin MS14-046) for the Microsoft .NET Framework 3.5, and then you try to enable the Microsoft .NET Framework 3.5 optional feature in Windows Features for the very first time, the feature may not install. You may notice this failure if you "stage" the installation before you add the Microsoft .NET Framework 3.5 feature. For more information about how to work around this issue, click the following article number to view the article in the Microsoft Knowledge Base:
      3002547  Enabling the Microsoft .NET Framework 3.5 optional Windows feature on Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2 may fail after you install security update 2966827 or 2966828
  • 2966825  MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 12, 2014
The Microsoft .NET Framework 3.0
  • 2943344  MS14-046: Description of the security update for the .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: August 12, 2014
The Microsoft .NET Framework 2.0
  • 2937608  MS14-046: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: August 12, 2014

↑ Back to the top

Update replacement information

Update replacement information for each specific update can be found in the Microsoft Knowledge Base articles that correspond to this update.

↑ Back to the top

File hash information
File nameSHA1 hashSHA256 hash
Windows6.0-KB980842-x64.msu56CCB4131E94F0E4740AC65D54603AD9A2F32FDECC84E048D5B9A0F35F9FE981C1F0FCA67261D0C07B026B18B5626DE9ED97C6F1
Windows6.0-KB2937608-x86.msu23446C961CA61E0C7ADBA32B459EE0863B5009CA8E50A75C2611CA0F5A8A35891BA3915DDAD725782BA220EA91A74518C611A58A
Windows6.0-KB2901113-x86.msu05617C64C3776658D625D3E99C398A87468C261BB9298C5417E9E8F9E33CA0C18617EA90BA8FDB3BBE6912E6D6D0E3F8F7AABD3D
Windows6.0-KB980842-x86.msuA6FC223B39B42789FF7A319AFEFF86DF2913D187C41C2294AC8CEDE7308711183F8E0FA5BE9208ACBEEF5DB347BE6E0C8AF2E4AA
Windows6.0-KB2901113-ia64.msu38B6F053764B77F556E7560DA376521000682A2180742F7CB78A03841F1F66FBF584C9E792455B8B394795EFB5A03D60FEFE804F
Windows6.0-KB2901113-x64.msu216A35BF2B5E7782B1480D5CDD9B647CB3B2243C1E630D2EA29D4615F7A6E5D7352DDB8ED86112A1735E103D4361B05EEF3243CD
Windows6.0-KB2937608-ia64.msu47B7AC276273BC21AADA6BF77CBF0B0A7D56D4C9FA66FE7B5302A007AB209CF941DEBD91BF0E5AAC0C2E6FAB576FA772CBA807EC
Windows6.0-KB2937608-x64.msu2B64C687F8A0DBDA4BA45652848697594E0DB0897C2D1737F20812298EC82B203C148AE528AB7F72273452C73CAA3D28E67D2557
Windows6.0-KB980842-ia64.msu2A2A67B37490C495E23B1EC709BACA49D06F02729494EDBFFE5DF90060C253C6E185DC2EE9739C144BCF1B25C2F42914078752EC
Windows6.1-KB2937610-ia64.msuEDC8CC870280A43615F33F4CC8B80B5D19F9ECFE32DADF17B8362C71E6C4A483E66243875B21F54653A7B287A447B4A59262EF14
Windows6.1-KB2943357-x64.msu035199134A0E40F5EB6BF83B2781850DB5C84D8134087D37A6BFAADF8627E35754621A82C4477C357AF2B4E2548E4592098B632C
Windows6.1-KB2943357-x86.msuB4B1831A98CE4BF16DDA9E2432CF2EB1FE598CB7C7B89E6DC4ED19726B0F606435FADD9BEFC87427D7A068F7808C9832B1BF7AA6
Windows6.1-KB2937610-x64.msu4EADBBDE029E5D21EB46AAADA7B2BD012F211F6F95BB3A42E98D5A3BB9EFBCCAE47C8A5CB0AAE65526EE44750258F4391154351B
Windows6.1-KB2937610-x86.msuD90A5D24F180953737B45D7883B16347B00874D0F4FDDE29D94F640F94C49B5A99BD1BAD9BC6E5E459C2B16B98AD03B83966681A
Windows6.1-KB2943357-ia64.msu8F221DFD4E8251725B1D4CFAA551FA4E589CE9E522022769B68DCB8A1731DE069DA6137EFEA21FB2CCC948CCAA847842E52724FE
Windows8-RT-KB2966825-x64.msu7DCFA04EC74B6976EB4EB8A9ACEA0DA40095F0F35C9ED6B1DDD1589FD431148C328AFE3EBA168FC30EFA8E6635A11741BCC209EB
Windows8-RT-KB2966827-x86.msuF3E247F64C174DA25F263C35035AF532857F91651377BF8C675051B063E078A8DF71E93C8B1AF5149FB465260B8CAC2396923A92
Windows8-RT-KB2966825-x86.msu13A4CAE84D8F9CE31F913EFD9C1C5724332FE22EFBD36A2FF261BC1531C451A8E04C9E957387D02A49CF3E811C4B5D735765C18D
Windows8-RT-KB2966827-x64.msu8507CB4A5D716DC4F07362BD5886D078962A9FE458174205C9856D43AADA12828463881DC1D0A2971F0DD3CB682AAC335D5EB4AD
Windows8.1-KB2966826-x86.msu622403B94CBABA3E67E43E052BE4F4D92CFA34B36FF01C8A018183283296257E2E89CD67D322E146CC278D863C1471B28C72E7E0
Windows8.1-KB2966828-x64.msuF31EBCFD6846F6F8685D8FC9F842C29A950A7EA09C7E8876CA24361D8F632033E3DF213A901A6124AF189EBDCDE28BDF22E68565
Windows8.1-KB2966828-x86.msuB3026D534E05C6CD60A621FB2CEDACB312A54DE15DE7369D444F9ABCF9DA9886DA96797B3E4A7F301C3E7CE6E644D4DCF79CDF18
Windows8.1-KB2966826-x64.msu72425C975269EFB37B5452E6E568406376915416F8A03600F688088CF184C039AAAD61AB8465E44C767FA0ECF7A91F658E873182

↑ Back to the top


Applies to

This article applies to the following:
  • Microsoft .NET Framework 3.5.1 when used with:
    • Windows 7 Service Pack 1
    • Windows Server 2008 R2 Service Pack 1
  • Microsoft .NET Framework 3.5 when used with:
    • Windows 8.1
    • Windows Server 2012 R2
    • Windows 8
    • Windows Server 2012
  • Microsoft .NET Framework 3.0 Service Pack 2 when used with:
    • Windows Vista Service Pack 2
    • Windows Server 2008 Service Pack 2
  • Microsoft .NET Framework 2.0 Service Pack 2 when used with:
    • Windows Vista Service Pack 2
    • Windows Server 2008 Service Pack 2

↑ Back to the top

Keywords: atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbsecurity, kbsecbulletin, kbsecreview, kb, kbsecvulnerability, kbmustloc

↑ Back to the top

Article Info
Article ID : 2984625
Revision : 1
Created on : 1/7/2017
Published on : 10/1/2014
Exists online : False
Views : 108