Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Update Rollup 13.1 for Windows Azure Pack Web Sites version 2

Update Rollup 13.1 for Windows Azure Pack Web Sites version 2

View products that this article applies to.

Summary

A remote code execution vulnerability exists when Windows Azure Pack Web Sites does not check the length of a buffer before copying memory to it. To learn more about this vulnerability, go to CVE-2019-1372.

This Update Rollup 13.1 for Windows Azure Pack Web Sites version 2 includes a security update that addresses this vulnerability.

This update rollup replaces Update Rollup 13 for Windows Azure Pack Web Sites version 2 (the final feature update for Windows Azure Pack Web Sites V2), and also includes all the fixes that were included in Update Rollup 13.

We recommend that you review the information in this article and also in Update Rollup 13 for Windows Azure Pack Web Sites version 2 before you apply this update.

Note: Windows Azure Pack Web Sites V2 is now in Extended Support, as discussed at https://aka.ms/wapwebsiteslifecycle

↑ Back to the top

Issues that are fixed in this update

This update fixes the following issues:

  • Issue 1: Provides mitigation for the vulnerability discussed in CVE-2019-1372.  

↑ Back to the top

Installation instructions

Installation and upgrade instructions are documented in the Start the installation of Windows Azure Pack: Web Sites topic on the TechNet website. These instructions describe how to upgrade to Update Rollup 13.1 for Windows Azure Pack Web Sites version 2.  

Notice that the installation and upgrade process changed significantly in Update Rollup 6. Therefore, please take the time to review the documentation. 

There is additional guidance provided at this link to monitor the upgrade and to check the upgrade status.  

Because of the changes that were made to the data stores in addition to the executable, this update cannot be rolled back. 

↑ Back to the top

How to obtain and install the update

Method 1: Microsoft Download Center

This update rollup is available for manual download and installation from the Microsoft Download Center.

Download the Windows Azure Pack update package (Download Center)

↑ Back to the top

More information

File hash information

File name SHA1 hash SHA256 hash
Websites.exe 5D29DCA9FDF7B085A3876FA73D51A3A322636D1E C2E89C562A41A170041C5F34E3E60C0C15AC6838ABBB19964E08450DA834D790

 

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

File name File size Version
Websites.exe 4,354,048 bytes 59.1.27.0

↑ Back to the top

Keywords: atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew, kb, Vulnerabilities/exploits/security bulletins, kbContentAuto, kbSupportTopic, kbsecbulletin

↑ Back to the top

Article Info
Article ID : 4524964
Revision : 26
Created on : 2/4/2020
Published on : 2/4/2020
Exists online : False
Views : 118