Description of the Security Only update for .NET Framework 4.5.2 for Windows Server 2012 (KB 4095518)

Summary

This update resolves a vulnerability in Microsoft .NET Framework that could cause denial of service when .NET Framework and .NET core components process XML documents incorrectly. An attacker who has successfully exploited this vulnerability could cause a denial of service against a .NET Framework application. To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2018-0765.Additionally, this update resolves a security feature bypass vulnerability in Windows that could allow an attacker to bypass Device Guard. An attacker who successfully exploits this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the computer. To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2018-1039. Important

• If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Additional information about this security update

For more information about this security update as it relates to Windows Server 2012, see the following article in the Microsoft Knowledge Base:4099638 Security Only update for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 updates for Windows Server 2012 (KB 4099638)

How to obtain and install the update

Method 1: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog.

Method 2: Windows Software Update Services (WSUS)

On your WSUS server, follow these steps:

1. Click Start, clickAdministrative Tools, and then clickMicrosoft Windows Server Update Services 3.0.
2. Expand ComputerName, and then clickAction.
3. Click Import Updates.
4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.
5. After the control is installed, you see the Microsoft Update Catalog screen. Enter4099638into theSearchbox, and then clickSearch.
6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click Add to add them to your basket.
7. After you select all the packages that you need, click View Basket.
8. To import the packages to your WSUS server, click Import.
9. After the packages are imported, click Close to return to WSUS.
   The updates are now available for installation through WSUS.

Update deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:20180508 Security update deployment information: May 8, 2018

Update removal information

Note We do not recommend that you remove any security update. To remove this update, use thePrograms and Features item in Control Panel.

Update restart information

This update does not require a system restart after you apply it unless files that are being updated are locked or are being used.

Update replacement information

This update does not replace any previously released update.
File information
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

Windows Server 2012 file information

**Note:**The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

File information

File hash information

File name	SHA1 hash	SHA256 hash
Windows8-RT-KB4095518-x64.msu	799BCF96F130656E403E29BB89933DFC8AAE3E5F	0B80CD623965F360E828D4016351B47DA1C8611BAA337B94C146A76BEFDF1999
Windows8-RT-KB4095518-x86.msu	1DD49583AB3F8AA845BF3225024C2CED8078F741	FF9D4797695863497D19459C8F6A763E96B39D1924544376BDFA154EC8D729E3

For all supported x64-based versions

File name	File version	File size	Date	Time
mscorlib.dll	4.0.30319.36440	5,219,984	27-Mar-2018	17:37
normidna.nlp		59,342	15-Nov-2017	00:49
normnfc.nlp		47,076	15-Nov-2017	00:49
normnfd.nlp		40,566	15-Nov-2017	00:49
normnfkc.nlp		67,808	15-Nov-2017	00:49
normnfkd.nlp		61,718	15-Nov-2017	00:49
clrjit.dll	4.0.30319.36440	1,234,568	27-Mar-2018	17:37
clr.dll	4.0.30319.36440	10,070,136	27-Mar-2018	17:37
mscordacwks.dll	4.0.30319.36440	1,731,224	27-Mar-2018	17:37
mscordbi.dll	4.0.30319.36440	1,533,584	27-Mar-2018	17:37
msvcp120_clr0400.dll	12.0.52430.36430	678,568	12-Dec-2017	19:06
msvcr120_clr0400.dll	12.0.52430.36430	869,544	12-Dec-2017	19:06
peverify.dll	4.0.30319.36440	225,936	27-Mar-2018	17:37
sos.dll	4.0.30319.36440	822,904	27-Mar-2018	17:37
system.security.dll	4.0.30319.36440	301,648	27-Mar-2018	17:37
system.security.dll	4.0.30319.36440	301,648	27-Mar-2018	17:37
mscorlib.dll	4.0.30319.36440	5,266,064	27-Mar-2018	17:37
normidna.nlp		59,342	15-Nov-2017	00:50
normnfc.nlp		47,076	15-Nov-2017	00:50
normnfd.nlp		40,566	15-Nov-2017	00:50
normnfkc.nlp		67,808	15-Nov-2017	00:50
normnfkd.nlp		61,718	15-Nov-2017	00:50
clrjit.dll	4.0.30319.36440	509,064	27-Mar-2018	17:37
clr.dll	4.0.30319.36440	6,938,232	27-Mar-2018	17:37
mscordacwks.dll	4.0.30319.36440	1,284,248	27-Mar-2018	17:37
mscordbi.dll	4.0.30319.36440	1,107,600	27-Mar-2018	17:37
msvcp120_clr0400.dll	12.0.52430.36430	536,744	12-Dec-2017	19:05
msvcr120_clr0400.dll	12.0.52430.36430	875,688	12-Dec-2017	19:05
peverify.dll	4.0.30319.36440	163,984	27-Mar-2018	17:37
sos.dll	4.0.30319.36440	762,488	27-Mar-2018	17:37

For all supported x86-based versions

File name	File version	File size	Date	Time
system.security.dll	4.0.30319.36440	301,648	27-Mar-2018	17:37
mscorlib.dll	4.0.30319.36440	5,266,064	27-Mar-2018	17:37
normidna.nlp		59,342	15-Nov-2017	00:50
normnfc.nlp		47,076	15-Nov-2017	00:50
normnfd.nlp		40,566	15-Nov-2017	00:50
normnfkc.nlp		67,808	15-Nov-2017	00:50
normnfkd.nlp		61,718	15-Nov-2017	00:50
clrjit.dll	4.0.30319.36440	509,064	27-Mar-2018	17:37
clr.dll	4.0.30319.36440	6,938,232	27-Mar-2018	17:37
mscordacwks.dll	4.0.30319.36440	1,284,248	27-Mar-2018	17:37
mscordbi.dll	4.0.30319.36440	1,107,600	27-Mar-2018	17:37
msvcp120_clr0400.dll	12.0.52430.36430	536,744	12-Dec-2017	19:05
msvcr120_clr0400.dll	12.0.52430.36430	875,688	12-Dec-2017	19:05
peverify.dll	4.0.30319.36440	163,984	27-Mar-2018	17:37
sos.dll	4.0.30319.36440	762,488	27-Mar-2018	17:37

How to obtain help and support for this security update

• Help for installing updates: Windows Update FAQ
• Security solutions for IT professionals: TechNet Security Support and Troubleshooting
• Help for protecting your Windows-based products and services from viruses and malware: Microsoft Secure
• Local support according to your country: International Support