Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Security update for the Microsoft browser security feature bypass vulnerability in Windows Server 2008: July 11, 2017


View products that this article applies to.

Summary

A security feature bypass vulnerability exists when Microsoft browsers improperly handle redirect requests. This vulnerability allows Microsoft browsers to bypass CORS redirect restrictions and follow redirect requests that should otherwise be ignored. An attacker who successfully exploited this vulnerability could force the browser to send data that would otherwise be restricted to a destination web site of their choice.

To learn more about the vulnerability, go to CVE-2017-8592.

↑ Back to the top


More Information

Important
 
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

↑ Back to the top


How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

↑ Back to the top


Deployment information

For deployment details for this security update, see the following article in the Microsoft Knowledge Base:

↑ Back to the top


More Information

How to obtain help and support for this security update
Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

↑ Back to the top


File Information

File hash information
File name SHA1 hash SHA256 hash
Windows6.0-KB4025240-x86.msu 981D41C8FA79D9501DFDC808EDD718682818FF2E DF8DF53DCFE588BF66FBCD6BF37B7BD67436B0C8F215FE0D8F0FFD3197B018C3
Windows6.0-KB4025240-x64.msu B8E1D04B4D33B16034686B9AD096D82720647F4A 882E699338B20B9A2101A557E19DEBEDBE2F066769C9E218251B11A4D027CF43
Windows6.0-KB4025240-ia64.msu AA4DAFE6150478BA648D9A207CAD46E54519AE58 E200F0A6D64D7005555AC8291F7A6F3FEFD9926DF96EE272868270C8F7CA4091


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

Windows Server 2008 file information

For all supported x86-based versions
File name File version File size Date Time Platform
Msxml3.dll 8.100.5015.0 1,253,376 28-Jun-2017 16:09 x86
Msxml3r.dll 8.20.8730.1 2,048 27-Aug-2014 00:55 x86
Msxml3.dll 8.100.5015.0 1,253,888 28-Jun-2017 15:25 x86
Msxml3r.dll 8.20.8730.1 2,048 28-Jun-2017 15:25 x86
For all supported x64-based versions
File name File version File size Date Time Platform
Msxml3.dll 8.100.5015.0 1,874,432 28-Jun-2017 16:24 x64
Msxml3r.dll 8.20.8730.1 2,048 27-Aug-2014 00:41 x64
Msxml3.dll 8.100.5015.0 1,874,944 28-Jun-2017 15:43 x64
Msxml3r.dll 8.20.8730.1 2,048 28-Jun-2017 15:43 x64
Msxml3.dll 8.100.5015.0 1,253,376 28-Jun-2017 16:09 x86
Msxml3r.dll 8.20.8730.1 2,048 27-Aug-2014 00:55 x86
Msxml3.dll 8.100.5015.0 1,253,888 28-Jun-2017 15:25 x86
Msxml3r.dll 8.20.8730.1 2,048 28-Jun-2017 15:25 x86
For all supported ia64-based versions
File name File version File size Date Time Platform
Msxml3.dll 8.100.5015.0 3,171,328 28-Jun-2017 15:50 IA-64
Msxml3r.dll 8.20.8730.1 2,048 27-Aug-2014 00:23 IA-64
Msxml3.dll 8.100.5015.0 3,172,352 28-Jun-2017 15:16 IA-64
Msxml3r.dll 8.20.8730.1 2,048 28-Jun-2017 15:16 IA-64
Msxml3.dll 8.100.5015.0 1,253,376 28-Jun-2017 16:09 x86
Msxml3r.dll 8.20.8730.1 2,048 27-Aug-2014 00:55 x86
Msxml3.dll 8.100.5015.0 1,253,888 28-Jun-2017 15:25 x86
Msxml3r.dll 8.20.8730.1 2,048 28-Jun-2017 15:25 x86

↑ Back to the top


Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info
Article ID : 4025240
Revision : 8
Created on : 7/5/2017
Published on : 7/11/2017
Exists online : False
Views : 205