MS12-038: Vulnerability in the .NET Framework could allow remote code execution: June 12, 2012

<html><body><p>Resolves a vulnerability in the .NET Framework that could allow remote code execution on a client system if a user views a specially crafted webpage by using a web browser that can run XAML Browser Applications (XBAPs).</p><h2>Introduction</h2><div>Microsoft has released the security bulletin MS12-038. You can view the complete security bulletin by visiting one of the following Microsoft websites: <ul><li>Home users:<br /><a href=“http://www.microsoft.com/security/pc-security/bulletins/201206.aspx” target=“_self”>http://www.microsoft.com/security/pc-security/bulletins/201206.aspx</a></li><li>IT professionals:<br /><a href=“http://technet.microsoft.com/security/bulletin/ms12-038” target=“_self”>http://technet.microsoft.com/security/bulletin/MS12-038</a></li></ul></div><h2></h2><div><h3>How to obtain help and support for this security update</h3>Help installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your computer that is running Windows from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a></div><h2>More Information</h2><div><h4>Additional information about this update</h4>The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information to the individual updates such as download URL, prerequisites and command line switches. <br /><ul><li><a href=“https://support.microsoft.com/en-us/help/2686837”>2686837 </a> MS12-038: Description of the security update for the .NET Framework 4.5 on Windows 8 Consumer Preview and Windows Server 8 Beta: June 12, 2012</li><li><a href=“https://support.microsoft.com/en-us/help/2686838”>2686838 </a> MS12-038: Description of the security update for the .NET Framework 4.5 Beta on Windows 7, Windows 7 Service Pack 1, Windows Server 2008 R2, Windows Server 2008 R2 Service Pack 1, and Windows Server 2008 Service Pack 2: June 12, 2012</li><li><a href=“https://support.microsoft.com/en-us/help/2686827”>2686827 </a> MS12-038: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: June 12, 2012</li><li><a href=“https://support.microsoft.com/en-us/help/2686830”>2686830 </a> MS12-038: Description of the security update for the .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2: June 12, 2012</li><li><a href=“https://support.microsoft.com/en-us/help/2686831”>2686831 </a> MS12-038: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: June 12, 2012</li><li><a href=“https://support.microsoft.com/en-us/help/2686868”>2686868 </a> MS12-038: Description of the security update for the .NET Framework 3.5 on Windows 8 Consumer Preview and Windows Server 8 Beta: June 12, 2012</li><li><a href=“https://support.microsoft.com/en-us/help/2686833”>2686833 </a> MS12-038: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: June 12, 2012</li><li><a href=“https://support.microsoft.com/en-us/help/2686828”>2686828 </a> MS12-038: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows XP and Windows Server 2003: June 12, 2012</li></ul></div><h2></h2><div><h4>Update replacement information</h4>Update replacement information for each specific update can be found in the Knowledge Base articles that correspond to this update.</div><h2>File hash table</h2><div> <br /> <br /> <br /> <br />The following table lists the thumbprints of the certificates that are used to sign the security updates. Verify the certificate thumbprint in this KB article against the certificate thumbprint indicated on the security update that you download.<br /><br /><br /><br /><br /> <div><table><tr><td><span>Publisher Filename</span></td><td><span>Sha1</span></td><td><span>SHA2</span></td></tr><tr><td>windows6.1-kb2686830-x86.msu</td><td>4278FB1C5102015CA93BDDDE6E9FE07A1689A02E</td><td>35FC2D1AC29900824AB91443F2B32B0C58826D977B3C36755D834FB5C949ED49</td></tr><tr><td>windows6.1-kb2686830-x64.msu</td><td>45AC8BED8959D6FA55B04343B3911563BCAC8DB7</td><td>2D63FFC592FEBFA454715BA88B215DECB93649535C3A1D99709456A64C0234C7</td></tr><tr><td>windows6.1-kb2686830-ia64.msu</td><td>272712E3B00CBCCCF332ED64788F16C1D786673D</td><td>3DF24C21BD8C08A53619567CD153FD405ACA1028075BAF06566C639E312309E1</td></tr><tr><td>windows6.1-kb2686831-x86.msu</td><td>A1C7B74BBD35EE2D53EE54EC626872D4E16041A4</td><td>98FA2DBD4FADEF2FF39FAEC986F2306102AB171C5FBD8E810A741A2E625B5F2B</td></tr><tr><td>windows6.1-kb2686831-x64.msu</td><td>38627B142DC96C05310500FE246A797A3C3B973F</td><td>6E622521EACF9974296E8599D675D6EBF8F6FE14226E61021E30534A52036826</td></tr><tr><td>windows6.1-kb2686831-ia64.msu</td><td>EF47AD3BF910F8068E2CED5DB8AD7EEA94F4E40F</td><td>7519F24DEF405F38B6738A02221A7D7253F1368ED9A81CBAE1611A8387D02954</td></tr><tr><td>windows6.0-kb2686833-x64.msu</td><td>81FCD15DA659F44E3AB65378780D74F928CCE88B</td><td>2708E19F76764A9AA858C10FDD6ECCE29CEBD1B6D7A3A7E6C634B546D4A92956</td></tr><tr><td>windows6.0-kb2686833-ia64.msu</td><td>8EEEC1D28D32B348FE25C1E717409D3C28B67662</td><td>B7042CD9B684D78D319A05895A2118306363FCE7249D5DA4D180A8E7E1B8C95C</td></tr><tr><td>windows6.0-kb2686833-x86.msu</td><td>F01DE6B64EFAE57159AA3CF372DD368DF6276017</td><td>4F97300F8ACCA2127737ED741FD5F5548CA6780167A668047CA7019F7EFA1BFC</td></tr><tr><td>NDP40-KB2686827-x86.exe</td><td>54455C5FD1F76EF694CCC06328DB424FC1BC19BF</td><td>16B56B5C031073E5CA1D5796B69173FB58DF588593D196A6D510B2A56CFCC6B8</td></tr><tr><td>NDP40-KB2686827-x64.exe</td><td>FCFBB9AE55E5C0844320930CC366392B59692916</td><td>A5290AB140CD5B85BA523E8C074BA329D6C25AC80ED44972947EB0575F5BCC6C</td></tr><tr><td>NDP40-KB2686827-IA64.exe</td><td>8B6CD73AE48BC8C5CA317DEC10F1FA55F6AC5012</td><td>32CC9905C9F5702DFAF20725130EAA81ED78834245CF59B232C88600E4176401</td></tr><tr><td>NDP20SP2-KB2686828-x86.exe</td><td>0916B140A156BD6CEA19C2F7431BC63060BCE7D3</td><td>FCF5DB1711D3F96CF120B82BD2A2BB2510F17D1BEA010F41AFF8CA699CFE1C14</td></tr><tr><td>NDP20SP2-KB2686828-x64.exe</td><td>43191A5447CB3C6B822645D47F879F13E6AD0FDE</td><td>E011A6A50E88D5B8985B87B1ECFB2A70D12E9E28B6D46667392447D2D4A68AE9</td></tr><tr><td>NDP20SP2-KB2686828-IA64.exe</td><td>3B5D33D6C2DBC24D8FCF3ACB1FB6DEEA5CD767C8</td><td>C4A56D08F844CAD41BAB298BD7998A8AF9ADAD861969E223030E671E50EF746B</td></tr></table></div></div><h2></h2><div><h3>Applies to</h3>This article applies to the following:<ul><li>Microsoft .NET Framework 4.5 when used with:<ul><li>Windows 8 Consumer Preview</li><li>Windows Server 8 Beta</li></ul></li><li>Microsoft .NET Framework 4.5 Beta when used with:<ul><li>Windows 7</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Server 2008 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 4 when used with:<ul><li>Windows 7</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Microsoft Windows XP Service Pack 3</li><li>Microsoft Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 3.5.1 when used with:<ul><li>Windows 7</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2</li><li>Windows Server 2008 R2 Service Pack 1</li></ul></li><li>Microsoft .NET Framework 3.5 when used with:<ul><li>Windows 8 Consumer Preview</li><li>Windows Server 8 Beta</li></ul></li><li>Microsoft .NET Framework 2.0 Service Pack 2 when used with:<ul><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Microsoft Windows XP Service Pack 3</li><li>Microsoft Windows Server 2003 Service Pack 2</li></ul></li></ul></div></body></html>