Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Description of the security update for the Microsoft Color Management information disclosure vulnerability in Windows Server 2008: January 3, 2018

Description of the security update for the Microsoft Color Management information disclosure vulnerability in Windows Server 2008: January 3, 2018

View products that this article applies to.

Summary

An information disclosure vulnerabilities exists in the way that the Color Management Module (ICM32.dll) handles objects in memory. This vulnerability allows an attacker to retrieve information to bypass usermode ASLR (Address Space Layout Randomization) on a targeted system. By itself, the information disclosure does not allow arbitrary code execution. However, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.

To learn more about the vulnerability, go to CVE-2018-0741.

↑ Back to the top

More Information

Important
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

↑ Back to the top

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

↑ Back to the top

More Information

How to obtain help and support for this security update
Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

↑ Back to the top

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

Security update deployment information: January 9, 2018

↑ Back to the top

File Information

File hash information
File name SHA1 hash SHA256 hash
Windows6.0-KB4056942-x64.msu 7FC0413BC5B4C22A95F971FBBC1635E3F4F7283D EA5D32B8CFA19290342390B30E5F0FBD88EE0FBEFC830C603BF25CF741236E3C
Windows6.0-KB4056942-x86.msu 05CE724B74F2F73A8814409001D02DFBF0F7E91C DB656811086E69580E11AC42859268866B873C9F4CA6D8B78920E3C78D3617AF
Windows6.0-KB4056942-ia64.msu D0D8D2253CB5134F7AFF42C9EE53EA456E79DA1E 9D27AE120851DF8287630B0614FCB5C923ED7E2C5371166EF139BDF412979724


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2008 file information

For all supported x64-based versions
File name File version File size Date Time Platform
Icm32.dll 6.0.6002.24259 252,928 09-Dec-2017 01:03 x64
Mscms.dll 6.0.6002.24259 519,680 09-Dec-2017 01:03 x64
Wcspluginservice.dll 6.0.6002.24259 39,936 09-Dec-2017 01:04 x64
Icm32.dll 6.0.6002.24259 215,040 09-Dec-2017 01:15 x86
Mscms.dll 6.0.6002.24259 391,680 09-Dec-2017 01:15 x86
Wcspluginservice.dll 6.0.6002.24259 32,256 09-Dec-2017 01:15 x86
For all supported x86-based versions
File name File version File size Date Time Platform
Icm32.dll 6.0.6002.24259 215,040 09-Dec-2017 01:15 x86
Mscms.dll 6.0.6002.24259 391,680 09-Dec-2017 01:15 x86
Wcspluginservice.dll 6.0.6002.24259 32,256 09-Dec-2017 01:15 x86
For all supported ia64-based versions
File name File version File size Date Time Platform
Icm32.dll 6.0.6002.24259 772,608 09-Dec-2017 00:53 IA-64
Mscms.dll 6.0.6002.24259 1,190,400 09-Dec-2017 00:53 IA-64
Wcspluginservice.dll 6.0.6002.24259 80,896 09-Dec-2017 00:53 IA-64
Icm32.dll 6.0.6002.24259 215,040 09-Dec-2017 01:15 x86
Mscms.dll 6.0.6002.24259 391,680 09-Dec-2017 01:15 x86
Wcspluginservice.dll 6.0.6002.24259 32,256 09-Dec-2017 01:15 x86

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info
Article ID : 4056942
Revision : 11
Created on : 1/31/2018
Published on : 1/31/2018
Exists online : False
Views : 196