MS16-041: Security update for the .NET Framework: April 12, 2016

<html><body><p>Resolves vulnerabilities in Microsoft .NET Framework that could cause remote code execution if an attacker with access to the local system executes a malicious application.</p><h2></h2><div><br /><a href=“#appliestoproducts” target>View products that this article applies to.</a><span></span></div><h2>Summary</h2><div>This security update resolves vulnerabilities in the Microsoft .NET Framework. The more severe of the vulnerabilities could cause remote code execution if an attacker with access to the local system executes a malicious application. To learn more about the vulnerability, see <a href=“https://technet.microsoft.com/library/security/ms16-041” target=“self">Microsoft Security Bulletin MS16-041</a>.</div><h2></h2><div><span>Important</span><br /><br /><ul><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a href=“https://technet.microsoft.com/en-us/library/hh825699” target="self">Add language packs to Windows</a>. <br /></li></ul></div><h2>Additional information about this security update</h2><div>The following article contains additional information about this security update as it relates to individual product versions. The article may contain known issue information.<br /><br /><span>Microsoft .NET Framework 4.6 and 4.6.1</span><br /><br /><ul><li><a href=“https://support.microsoft.com/en-us/help/3143693”>3143693 </a> MS16-041: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: April 12, 2016</li></ul></div><h2></h2><div><div><div><div><span><span></span></span><span><span>Security update deployment information</span></span></div><div><span><div><h4>Windows Vista (all editions)</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software. <br /><br /><div><table><tr><td><span>Security update file names</span></td><td>For Microsoft .NET Framework 4.6 when installed on all supported 32-bit editions of Windows Vista:<br /><span>NDP46-KB3143693-x86.exe</span></td></tr><tr><td></td><td>For Microsoft .NET Framework 4.6 when installed on all supported x64-based editions of Windows Vista:<br /><span>NDP46-KB3143693-x64.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>For Microsoft .NET Framework, see <a href=“https://support.microsoft.com/help/2844699” target="self">Microsoft Knowledge Base article 2844699</a></td></tr><tr><td><span>Update log file</span></td><td>For Microsoft .NET Framework 4.6:<br />KB3143693**-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt<br />KB3143693_.html</td></tr><tr><td><span>Restart requirement</span></td><td>This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.</td></tr><tr><td><span>Removal information</span></td><td>Click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under <strong>Windows Update</strong>, click <strong>View installed updates</strong>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.</td></tr><tr><td><span>Registry key verification</span></td><td>For Microsoft .NET Framework 4.6:<br /><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6/4.6.1\KB3143693</strong><br /><strong>“ThisVersionInstalled” = “Y”</strong></td></tr></table></div><h4>Windows Server 2008 (all editions)</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software. <br /><br /><div><table><tr><td><span>Security update file names </span></td><td>For Microsoft .NET Framework 4.6 when installed on all supported 32-bit editions of Windows Server 2008 Service Pack 2:<br /><span>NDP46-KB3143693-x86.exe</span></td></tr><tr><td></td><td>For Microsoft .NET Framework 4.6 on all supported x64-based editions of Windows Server 2008 Service Pack 2:<br /><span>NDP46-KB3143693-x64.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/2844699” target=“self">Microsoft Knowledge Base article 2844699</a></td></tr><tr><td><span>Update log file</span></td><td>For Microsoft .NET Framework 4.6:<br />KB3143693_-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt<br />KB3143693__.html</td></tr><tr><td><span>Restart requirement</span></td><td>This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.</td></tr><tr><td><span>Removal information</span></td><td>Click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under <strong>Windows Update</strong>, click <strong>View installed updates</strong>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.</td></tr><tr><td><span>Registry key verification</span></td><td>For Microsoft .NET Framework 4.6:<br /><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6/4.6.1\KB3143693</strong><br /><strong>“ThisVersionInstalled” = “Y”</strong></td></tr></table></div><h4>Windows 7 (all editions)</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software. <br /><br /><div><table><tr><td><span>Security update file name </span></td><td>For Microsoft .NET Framework 4.6/4.6.1 when installed on all supported 32-bit editions of Windows 7 Service Pack 1:<br /><span>NDP46-KB3143693-x86.exe</span></td></tr><tr><td></td><td>For Microsoft .NET Framework 4.6/4.6.1 when installed on all supported x64-based editions of Windows 7 Service Pack 1:<br /><span>NDP46-KB3143693-x64.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/2844699” target=“self">Microsoft Knowledge Base article 2844699</a></td></tr><tr><td><span>Update log file</span></td><td>For Microsoft .NET Framework 4.6/4.6.1:<br />KB3143693_-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt<br />KB3143693__.html</td></tr><tr><td><span>Restart requirement</span></td><td>This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.</td></tr><tr><td><span>Removal information</span></td><td>Click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under <strong>Windows Update</strong>, click <strong>View installed updates</strong>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.</td></tr><tr><td><span>Registry key verification</span></td><td>There is no registry key to validate the presence of this update. Use WMI to detect for the presence of this update.</td></tr><tr><td></td><td>For Microsoft .NET Framework 4.6/4.6.1:<br /><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6/4.6.1\KB3143693</strong><br /><strong>“ThisVersionInstalled” = “Y”</strong></td></tr></table></div><h4>Windows Server 2008 R2 (all editions)</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software. <br /><br /><div><table><tr><td><span>Security update file name</span></td><td>For Microsoft .NET Framework 4.6/4.6.1 when installed on all supported 32-bit editions of Windows 7 Service Pack 1:<br />NDP46-KB3143693-x64.exe</td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/2844699” target=“self">Microsoft Knowledge Base article 2844699</a></td></tr><tr><td><span>Update log file</span></td><td>For Microsoft .NET Framework 3.5.1:<br />Not applicable</td></tr><tr><td></td><td>For Microsoft .NET Framework 4.6/4.6.1:<br />KB3143693_-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt<br />KB3143693__.html</td></tr><tr><td><span>Restart requirement</span></td><td>This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.</td></tr><tr><td><span>Removal information</span></td><td>Click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under <strong>Windows Update</strong>, click <strong>View installed updates</strong>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.</td></tr><tr><td><span>Registry key verification</span></td><td>For Microsoft .NET Framework 4.6/4.6.1:<br /><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6/4.6.1\KB3143693</strong><br /><strong>“ThisVersionInstalled” = “Y”</strong></td></tr></table></div><div><table><tr><td></td></tr></table></div><br /></div><br /></span></div></div></div><div><div><div><span><span></span></span><span><span>How to obtain help and support for this security update</span></span></div><div><span><div>Help for installing updates: <a href=“https://support.microsoft.com/ph/6527” target=”_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“https://technet.microsoft.com/security/bb980617.aspx” target=”_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help for protecting your Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://support.microsoft.com/” target=“_self”>International Support</a></div><br /></span></div></div></div></div><h2></h2><div><a></a><h3>Applies to</h3>This article applies to the following:<ul><li>Microsoft .NET Framework 4.6.1 when used with:<ul><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows 7 Service Pack 1</li></ul></li><li>Microsoft .NET Framework 4.6 when used with:<ul><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 Service Pack 2</li><li>Windows Vista Service Pack 2</li></ul></li></ul></div></body></html>