NoticeStarting on March 10, 2020, Microsoft Update is now offering this security update to additional versions of the Windows OS.
An information disclosure vulnerability exists if Visual Studio incorrectly discloses the contents of its memory. An attacker who exploits this vulnerability could view uninitialized memory from the computer that is used to compile a program database file.
To learn more about the vulnerability, go to CVE-2019-0537.
Method 1: Microsoft DownloadThe following file is available for download:
Download the hotfix package now.
To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
PrerequisitesTo apply this security update, you must have Visual Studio 2012 Update 5 installed.Restart requirementYou may have to restart the computer after you apply this security update if an instance of Visual Studio is being used.Security update replacement informationThis security update doesn’t replace other security updates.Issues that are fixed in this security updateThis security update addresses the PDB issue that is described in CVE-2018-1037, in which a PDB file may contain uninitialized heap content in a process that updates an existing PDB file, such as mspdbsrv.exe. We strongly recommend that you use the updated PDBCopy tool to check every existing PDB that you intend to share or distribute.
Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure
Local support according to your country: International Support
File name | SHA1 hash | SHA256 hash |
---|---|---|
VS11-KB4089501.exe | 2BCF6F07640CE853BD95FE9960C8D6460CF855D0 | CD4991BEFA4D0E80D35699B8F55B0C91D08F7D8D8BD26C1B148A43D325C1CCFE |