Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Description of the security update for the information disclosure vulnerability in Visual Studio 2010 Service Pack 1: April 10, 2018

Description of the security update for the information disclosure vulnerability in Visual Studio 2010 Service Pack 1: April 10, 2018

↑ Back to the top

Summary

An information disclosure vulnerability exists if Visual Studio incorrectly discloses the contents of its memory. An attacker who exploits the vulnerability could view uninitialized memory from the computer that is used to compile a program database file.

To learn more about the vulnerability, see CVE-2018-1037.

↑ Back to the top

How to obtain and install the update

Method 1: Microsoft Download

The following file is available for download:

Download Download the hotfix package now.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

↑ Back to the top

More information

Prerequisites

To apply this security update, you must have Visual Studio 2010 Service Pack 1 installed.

Restart requirement

You may have to restart the computer after you apply this security update if an instance of Visual Studio is being used.

Security update replacement information

This security update doesn't replace other security updates.

Issues that are fixed in this security update

This hotfix addresses the PDB security issue that is described in CVE-2018-1037, where PDB file may contain uninitialized heap content in a process that updates an existing PDB file, like mspdbsrv.exe. We strongly recommend that you use the updated PDBCopy tool to check every existing PDB that is shared or distributed for this vulnerability.

How to obtain help and support for this security update
Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure
Local support according to your country: International Support

↑ Back to the top

File information

File hash information

File name SHA1 hash SHA256 hash
VS10SP1-KB4091346-x86.exe 0824D59110CAD470404AA035A411BCF383AC08B0 287646967891FE96A7223D839C69448536C14934D139C3019A5AA2774F068A7F


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For all supported versions
File name File version File size Date Time Platform
Dhtmlheader.html Not applicable 16,118 10-Mar-2018 05:06 Not applicable
Header.bmp Not applicable 7,308 15-Mar-2018 01:08 Not applicable
Parameterinfo.xml Not applicable 272,150 15-Mar-2018 01:08 Not applicable
Setup.exe 10.0.40219.478 78,992 10-Mar-2018 05:07 x86
Setupengine.dll 10.0.40219.478 810,136 10-Mar-2018 05:07 x86
Setupui.dll 10.0.40219.478 296,080 10-Mar-2018 05:07 x86
Setupui.xsd Not applicable 30,120 10-Mar-2018 05:06 Not applicable
Splashscreen.bmp Not applicable 196,662 15-Mar-2018 01:08 Not applicable
Sqmapi.dll 6.0.6000.16386 144,416 10-Mar-2018 04:18 x86
Strings.xml Not applicable 13,606 15-Mar-2018 01:08 Not applicable
Uiinfo.xml Not applicable 38,096 15-Mar-2018 01:08 Not applicable
Watermark.bmp Not applicable 325,760 15-Mar-2018 01:08 Not applicable
Eula.rtf Not applicable 2,060 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 28,064 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 14,496 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 1,307 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 38,260 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 19,104 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 1,015 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 35,954 11-Mar-2018 09:19 Not applicable
Setupresources.dll 10.0.40219.478 17,568 10-Mar-2018 05:07 x86
Eula.rtf Not applicable 1,206 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 37,998 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 19,104 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 1,244 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 37,346 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 18,592 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 2,882 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 31,236 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 16,032 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 3,723 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 30,320 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 15,520 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 3,219 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 37,872 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 19,104 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 1,932 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 28,038 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 14,496 10-Mar-2018 05:10 x86
Eula.rtf Not applicable 1,197 15-Mar-2018 01:08 Not applicable
Localizeddata.xml Not applicable 37,468 15-Mar-2018 01:08 Not applicable
Setupresources.dll 10.0.40219.478 19,104 10-Mar-2018 05:10 x86
Print.ico Not applicable 1,150 10-Mar-2018 05:06 Not applicable
Rotate1.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Rotate2.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Rotate3.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Rotate4.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Rotate5.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Rotate6.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Rotate7.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Rotate8.ico Not applicable 894 10-Mar-2018 05:06 Not applicable
Save.ico Not applicable 1,150 10-Mar-2018 05:06 Not applicable
Setup.ico Not applicable 36,710 10-Mar-2018 05:06 Not applicable
Stop.ico Not applicable 10,134 10-Mar-2018 05:06 Not applicable
Sysreqmet.ico Not applicable 1,150 10-Mar-2018 05:06 Not applicable
Sysreqnotmet.ico Not applicable 1,150 10-Mar-2018 05:06 Not applicable
Warn.ico Not applicable 10,134 10-Mar-2018 05:06 Not applicable
Fl_mspdb100.dll_107301_107301_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 259,736 15-Mar-2018 00:45 Not applicable
Fl_mspdb71_dll_2_60032_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 242,328 10-Mar-2018 07:49 Not applicable
Fl_mspdbcore_dll_107302_107302_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 490,648 15-Mar-2018 00:45 Not applicable
Fl_mspdbcore_dll_135519_135519_amd64_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 490,648 15-Mar-2018 00:45 Not applicable
Fl_mspdbcore_dll_135519_135519_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 366,744 10-Mar-2018 07:49 Not applicable
Fl_mspdbcore_dll_92167_92167_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 366,744 10-Mar-2018 07:49 Not applicable
Fl_mspdbsrv_exe_105148_105148_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 158,360 15-Mar-2018 00:45 Not applicable
Fl_mspdbsrv_exe_135545_135545_amd64_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 158,360 15-Mar-2018 00:45 Not applicable
Fl_mspdbsrv_exe_135545_135545_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 116,888 10-Mar-2018 07:49 Not applicable
Fl_mspdbsrv_exe_92168_92168_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 116,888 10-Mar-2018 07:49 Not applicable
Fl_mspdbst_dll_amd64 10.0.40219.478 462,480 15-Mar-2018 00:45 Not applicable
Fl_mspdbst_dll_x86 10.0.40219.478 343,184 15-Mar-2018 00:45 Not applicable
Fl_mspdbst_dll_x86_ln.3643236f_fc70_11d3_a536_0090278a1bb8 10.0.40219.478 343,184 15-Mar-2018 00:45 Not applicable

 

↑ Back to the top

Keywords: atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew, kb, kbmustloc

↑ Back to the top

Article Info
Article ID : 4091346
Revision : 36
Created on : 3/4/2020
Published on : 3/18/2020
Exists online : False
Views : 159