Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Description of the security update for the Windows remote assistance information disclosure vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: March 13, 2018

Description of the security update for the Windows remote assistance information disclosure vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: March 13, 2018

Notice

This security update was re-released on May 8, 2018 to include an update for Windows Embedded POSReady 2009 and Windows Embedded Standard 2009. The original March 13, 2018 update for Windows Server 2008 has not changed.

↑ Back to the top

Summary

An information disclosure vulnerability exists when Windows Remote Assistance incorrectly processes XML External Entities (XXE).

To learn more about the vulnerability, see CVE-2018-0878.

↑ Back to the top

More Information

Important If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

↑ Back to the top

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

↑ Back to the top

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Security update deployment information: March 13, 2018

↑ Back to the top

More Information

How to obtain help and support for this security update
Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

↑ Back to the top

Windows Server 2008 file information

File hash information
File name SHA1 hash SHA256 hash
Windows6.0-KB4089453-x86.msu E96AED586F2FD0E65815D631E667B398B0DDD3B5 7678A2BFCCC84B1444519F0D8497ED4623996A44B74A0DC39F4705D4C84F7A0D
Windows6.0-KB4089453-x64.msu 4F7735A9A158389DB55A7B285DD8461C47C884F9 92FF3392B6A4A650D236607C45C1DB98792A0D4002E777DD1E5E54BB2FBD9954


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For all supported x86-based versions
File name File version File size Date Time Platform
Msra.exe 6.0.6002.24305 465,408 10-Feb-2018 06:15 x86
Msralegacy.tlb 6.0.6002.24305 7,168 10-Feb-2018 06:15 Not applicable
Racpldlg.dll 6.0.6002.24305 40,960 10-Feb-2018 07:09 x86
Sdchange.exe 6.0.6002.24305 82,944 10-Feb-2018 06:15 x86
For all supported x64-based versions
File name File version File size Date Time Platform
Msra.exe 6.0.6002.24305 605,696 10-Feb-2018 06:27 x64
Msralegacy.tlb 6.0.6002.24305 7,168 10-Feb-2018 06:27 Not applicable
Racpldlg.dll 6.0.6002.24305 50,176 10-Feb-2018 06:58 x64
Sdchange.exe 6.0.6002.24305 89,600 10-Feb-2018 06:27 x64
Msra.exe 6.0.6002.24305 132,096 10-Feb-2018 06:15 x86
Msralegacy.tlb 6.0.6002.24305 7,168 10-Feb-2018 06:15 Not applicable
Racpldlg.dll 6.0.6002.24305 40,960 10-Feb-2018 07:09 x86
Sdchange.exe 6.0.6002.24305 82,944 10-Feb-2018 06:15 x86

↑ Back to the top

File Information

File hash information
File nameSHA1 hashSHA256 hash
WindowsXP-KB4089453-v2-x86-Embedded-ENU.exe23B1AEC8D9E41242C20799E66045DC75C089DF616AE421895CF8408ED3C9D6700ACEC30D1D23FE9DB024FF52FA457E4F1994B2CC

File information
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

Windows XP file information
For all supported x86-based versions
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Helpctr.exe5.1.2600.7431769,53610-Feb-201816:39x86SP3SP3QFE
Helphost.exe5.1.2600.7431112,12810-Feb-201816:39x86SP3SP3QFE
Helpsvc.exe5.1.2600.7431744,96010-Feb-201816:39x86SP3SP3QFE
Pchsvc.dll5.1.2600.743138,91206-Apr-201818:33x86SP3SP3QFE
Safrslv.dll5.1.2600.743145,56806-Apr-201818:33x86SP3SP3QFE
Srdiag.exe5.1.2600.743152,73610-Feb-201816:39x86SP3SP3QFE
Uploadm.exe5.1.2600.7431151,04010-Feb-201816:39x86SP3SP3QFE
Updspapi.dll6.3.13.0382,84031-Jan-201818:26x86NoneNot applicable

↑ Back to the top

Keywords: kbsurveynew, kbsecvulnerability, kbsecurity, kbsecreview, kbsecbulletin, kbexpertiseinter, kblangall, kbfix, kb, kbbug, atdownload, kbmustloc

↑ Back to the top

Article Info
Article ID : 4089453
Revision : 14
Created on : 5/3/2018
Published on : 5/8/2018
Exists online : False
Views : 86