Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

PDBCopy tool


View products that this article applies to.

Summary

This article describes a hotfix package for the PDBCopy tool (pdbcopy.exe). The hotfix contains a tool that scans and updates PDB files for the PDB security issue that is described in CVE-2018-1037. For more information, see the "Issues that are fixed in this hotfix" section.

Notes

  • This vulnerability mainly affects PDBs that are created by using Visual Studio 2015 and Visual Studio 2017.
  • This vulnerability affects only PDBs that have been updated after they were created.
  • This tool is needed only by developers who share PDB files publicly.

↑ Back to the top


Issues that are fixed in this hotfix

This hotfix addresses the PDB security issue that is described in CVE-2018-1037, in which a PDB file may contain uninitialized heap content when it is modified by a process that updates an existing PDB file, such as Mspdbsrv.exe.

Use PDBCopy tool to scan and update existing PDB files

The PDBCopy tool that is contained in this hotfix scans PDB files for the security issue that is described in CVE-2018-1037. It can also report the affected memory block and update any PDB file to remove improperly disclosed memory within the PDB file.

This tool is provided as an alternative to regenerating PDB files that have a hotfixed version of Visual Studio. It does not change the internal timestamps in the PDB files. This tool works for PDBs that are generated by using any version of Visual Studio.

Usage: PDBCOPY.exe <target.pdb> <backup.pdb> -CVE-2018-1037 {[verbose|autofix]}

Arguments

  • target.pdb: The file name of the PDB file to update.
  • backup.pdb: The name to use for a backup copy of the PDB file.
  • -CVE-2018-1037: This switch causes the tool to report on whether the PDB file is affected by the issue, and optional arguments can report the affected memory block and update the existing PDB file in place to remove the disclosed memory. This switch is exclusive from other PDBCopy switches and takes two optional arguments:
    • verbose: Dumps the memory block from the original PDB file that is removed by the switch.
    • autofix: Updates and zero-fills the affected memory block in the PDB file.

Remarks

PDBCopy.exe updates target.pdb in-place. The tool requires a valid file name for a backup PDB. The backup PDB is created only when the target.pdb file requires updating. Please thoroughly test the fixed PDB before you delete the backup PDB.

Examples

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037

    Reports whether target.pdb is affected by CVE 2018-1037.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 verbose

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, displays the uninitialized memory that is written in target.pdb.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 autofix

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, zero fills the uninitialized memory that is written in target.pdb.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 verbose autofix

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, displays the uninitialized memory that is written in target.pdb and zero fills the uninitialized memory that is written in target.pdb.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 autofix verbose

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, displays the uninitialized memory that is written in target.pdb and zero fills the uninitialized memory that is written in target.pdb.

↑ Back to the top


How to obtain this hotfix

The following files are available for download.

Architecture Link
x64 PDBCopy.exe
x86 PDBCopy.exe


For more information about how to download Microsoft support files, go to the following article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

↑ Back to the top


More information

Prerequisites

This hotfix will install and run on the following operating systems:

  • Windows 10 Version 1507 and later versions: Home, Professional, Education, and Enterprise (LTSB and S are not supported)
  • Windows Server 2016: Standard and Datacenter
  • Windows 8.1 (with Update KB 2919355): Core, Professional, and Enterprise
  • Windows Server 2012 R2 (with Update KB 2919355): Essentials, Standard, and Datacenter
  • Windows 7 SP1 (with latest Windows Updates): Home Premium, Professional, Enterprise, and Ultimate

Restart requirement

This hotfix does not require a system restart.

Hotfix replacement information

This hotfix does not replace other hotfixes.

↑ Back to the top


File Information

File hash information
File name SHA1 hash SHA256 hash
pdbcopy.exe (for x64) DE41225B30A79E266F16B5707D0E70C0535DF451 A2885579DDAC6A1E53B4BA762B539054BB53332A18ED2A7DE1600323BB009FC0
pdbcopy.exe (for x86) 7817E670DB6213C034EE8007C0AE21B6A5E20024 C62C6A49238DE83FC696BF08BC78EA58E50ECC8CCA73BD1E6E59A95653323184

 

↑ Back to the top


Keywords: kbsecurity, kblangall, kbmustloc, atdownload, kbsecvulnerability, kbfix, kbsecreview, kbexpertiseinter, kbsurveynew, kb, kbbug, kbsecbulletin

↑ Back to the top

Article Info
Article ID : 4131751
Revision : 18
Created on : 4/16/2018
Published on : 4/16/2018
Exists online : False
Views : 331