Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344146)

2018-08-14T07:00:00

Description

None ## Summary This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important** * All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll update to be installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see [KB 4019990](<https://support.microsoft.com/en-us/help/4019990>) for Windows 7 SP1 and Windows Server 2008 R2 SP1. Or, see [KB 4019478](<https://support.microsoft.com/en-us/help/4019478>) for Windows Server 2008 SP2. * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>). ## Additional information about this security update For more information about this security update as it relates to Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:[4345590](<https://support.microsoft.com/help/4345590>) Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345590)For more information about this security update as it relates to Windows Server 2008, see the following article in the Microsoft Knowledge Base:[4345593](<https://support.microsoft.com/help/4345593>) Security and Quality updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4345593) ## How to obtain and install the update ### Method 1: Windows Update This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). ### Method 2: Windows Software Update Services (WSUS) On your WSUS server, follow these steps: 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**. 2. Expand **ComputerName**, and then click **Action**. 3. Click **Import Updates**. 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue. 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345590** for Windows 7 SP1 and Windows Server 2008 R2 SP1 or type **4345593** for Windows Server 2008 SP2 in the **Search** box, and then click **Search**. 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket. 7. After you select all the packages that you require, click **View Basket**. 8. To import the packages to your WSUS server, click **Import**. 9. After the packages are imported, click **Close** to return to WSUS. The updates are now available for installation through WSUS. ### Update deployment information For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018 ### Update removal information **Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel. ### Update restart information This update does not require a system restart after you apply it unless files that are being updated are locked or are being used. ### Update replacement information For Windows 7 SP1 and Windows Server 2008 R2 SP1, this update replaces previously released updates [4340556](<https://support.microsoft.com/help/4340556>) and [4291493](<https://support.microsoft.com/help/4291493>).For Windows Server 2008, this update replaces previously released updates [4340559](<https://support.microsoft.com/help/4340559>) and [4291501](<https://support.microsoft.com/help/4291501>). ## File information ## File hash File name| SHA1 hash| SHA256 hash ---|---|--- NDP46-KB4344146-x64.exe| EBCCE1A7FC09850933B9F81F42ED6B6EA6311C59| 5571D662B99751F8C3DD43A79CA64101A44BD86B8C93604BC7ED086E2E800216 NDP46-KB4344146-x86.exe| FC3433B00A2F4F7EF68C6357F526B0C5B28D2807| 34D7D64898A8E615A1FCC430C95E797A152574284A95A4241838828ABFA7754E ## File attributes The English (United States) version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time ---|---|---|---|--- Aspnet_perf.dll| 4.7.3130.0| 42,656| 27-Jul-2018| 20:45 aspnet_wp.exe| 4.7.3130.0| 46,184| 27-Jul-2018| 20:45 clr.dll| 4.7.3133.0| 7,249,400| 27-Jul-2018| 20:45 clrjit.dll| 4.7.3133.0| 524,288| 27-Jul-2018| 20:45 dfdll.dll| 4.7.3130.0| 159,880| 27-Jul-2018| 20:45 GlobalUserInterface.CompositeFont| | 186,009| 27-Jul-2018| 20:46 mscordacwks.dll| 4.7.3133.0| 1,345,992| 27-Jul-2018| 20:45 mscordbi.dll| 4.7.3133.0| 1,170,440| 27-Jul-2018| 20:45 mscoreei.dll| 4.7.3130.0| 513,176| 27-Jul-2018| 20:45 mscorlib.dll| 4.7.3133.0| 5,638,272| 27-Jul-2018| 20:45 msvcp120_clr0400.dll| 12.0.52519.0| 485,576| 27-Jul-2018| 20:48 msvcr120_clr0400.dll| 12.0.52519.0| 987,840| 27-Jul-2018| 20:48 VsVersion.dll| 14.7.3130.0| 19,096| 27-Jul-2018| 20:45 peverify.dll| 4.7.3133.0| 189,960| 27-Jul-2018| 20:45 PresentationCore.dll| 4.7.3130.0| 3,636,560| 27-Jul-2018| 20:46 PresentationFramework.dll| 4.7.3130.0| 6,235,496| 27-Jul-2018| 20:46 PresentationFramework-SystemData.dll| 4.7.3130.0| 24,312| 27-Jul-2018| 20:46 PresentationHost_v0400.dll| 4.7.3130.0| 214,224| 27-Jul-2018| 20:46 PresentationHost_v0400.dll.mui| 4.7.3130.0| 84,704| 27-Jul-2018| 20:46 PresentationNative_v0400.dll| 4.7.3130.0| 827,096| 27-Jul-2018| 20:46 ServiceMonikerSupport.dll| 4.7.3130.0| 29,384| 27-Jul-2018| 20:45 SMDiagnostics.dll| 4.7.3130.0| 73,808| 27-Jul-2018| 20:45 SOS.dll| 4.7.3133.0| 744,952| 27-Jul-2018| 20:45 System.Activities.dll| 4.7.3130.0| 1,532,544| 27-Jul-2018| 20:45 System.ComponentModel.DataAnnotations.dll| 4.7.3130.0| 127,200| 27-Jul-2018| 20:45 System.Core.dll| 4.7.3130.0| 1,551,944| 27-Jul-2018| 20:45 System.Data.Entity.dll| 4.7.3130.0| 4,034,240| 27-Jul-2018| 20:45 System.DirectoryServices.AccountManagement.dll| 4.7.3130.0| 296,224| 27-Jul-2018| 20:45 System.IdentityModel.dll| 4.7.3130.0| 1,090,176| 27-Jul-2018| 20:45 System.IdentityModel.Services.dll| 4.7.3130.0| 198,376| 27-Jul-2018| 20:45 System.Runtime.Serialization.dll| 4.7.3130.0| 1,056,456| 27-Jul-2018| 20:46 System.ServiceModel.Channels.dll| 4.7.3130.0| 157,928| 27-Jul-2018| 20:46 System.ServiceModel.Discovery.dll| 4.7.3130.0| 308,456| 27-Jul-2018| 20:46 System.ServiceModel.dll| 4.7.3130.0| 6,321,784| 27-Jul-2018| 20:46 System.ServiceModel.Internals.dll| 4.7.3130.0| 260,808| 27-Jul-2018| 20:46 System.ServiceModel.Routing.dll| 4.7.3130.0| 130,784| 27-Jul-2018| 20:46 System.ServiceModel.WasHosting.dll| 4.7.3130.0| 39,656| 27-Jul-2018| 20:46 System.Web.ApplicationServices.dll| 4.7.3130.0| 70,840| 27-Jul-2018| 20:45 System.Web.Extensions.dll| 4.7.3130.0| 1,849,472| 27-Jul-2018| 20:45 System.Workflow.Activities.dll| 4.7.3130.0| 1,051,360| 27-Jul-2018| 20:46 System.Workflow.ComponentModel.dll| 4.7.3130.0| 1,542,384| 27-Jul-2018| 20:46 System.Workflow.Runtime.dll| 4.7.3130.0| 498,896| 27-Jul-2018| 20:46 System.Runtime.Caching.dll| 4.7.3130.0| 109,776| 27-Jul-2018| 20:45 System.Data.dll| 4.7.3130.0| 3,458,720| 27-Jul-2018| 20:45 System.Data.SqlXml.dll| 4.7.3130.0| 734,320| 27-Jul-2018| 20:45 System.Deployment.dll| 4.7.3130.0| 879,232| 27-Jul-2018| 20:45 System.DirectoryServices.Protocols.dll| 4.7.3130.0| 201,424| 27-Jul-2018| 20:45 System.dll| 4.7.3151.0| 3,555,872| 27-Jul-2018| 20:48 System.Drawing.dll| 4.7.3130.0| 600,664| 27-Jul-2018| 20:45 System.Management.dll| 4.7.3130.0| 415,336| 27-Jul-2018| 20:45 System.Net.Http.dll| 4.7.3130.0| 204,384| 27-Jul-2018| 20:45 System.Runtime.Remoting.dll| 4.7.3130.0| 347,280| 27-Jul-2018| 20:45 System.Security.dll| 4.7.3130.0| 325,728| 27-Jul-2018| 20:45 System.Transactions.dll| 4.7.3130.0| 307,392| 27-Jul-2018| 20:45 System.Web.dll| 4.7.3130.0| 5,416,096| 27-Jul-2018| 20:45 System.Windows.Controls.Ribbon.dll| 4.7.3130.0| 742,640| 27-Jul-2018| 20:46 System.Windows.Forms.dll| 4.7.3130.0| 5,236,864| 27-Jul-2018| 20:45 System.Xaml.dll| 4.7.3130.0| 642,120| 27-Jul-2018| 20:46 System.Xml.dll| 4.7.3130.0| 2,670,144| 27-Jul-2018| 20:45 UIAutomationClient.dll| 4.7.3130.0| 178,008| 27-Jul-2018| 20:46 UIAutomationClientsideProviders.dll| 4.7.3130.0| 361,360| 27-Jul-2018| 20:46 UIAutomationProvider.dll| 4.7.3130.0| 48,992| 27-Jul-2018| 20:46 UIAutomationTypes.dll| 4.7.3130.0| 221,016| 27-Jul-2018| 20:46 webengine.dll| 4.7.3130.0| 24,752| 27-Jul-2018| 20:45 webengine4.dll| 4.7.3130.0| 550,040| 27-Jul-2018| 20:45 WindowsBase.dll| 4.7.3130.0| 1,292,112| 27-Jul-2018| 20:46 WMINet_Utils.dll| 4.7.3130.0| 136,360| 27-Jul-2018| 20:45 WorkflowServiceHostPerformanceCounters.dll| 4.7.3130.0| 89,384| 27-Jul-2018| 20:46 WPFFontCache_v0400.exe.mui| 4.7.3130.0| 19,152| 27-Jul-2018| 20:46 WPFFontCache_v0400.exe| 4.7.3130.0| 25,704| 27-Jul-2018| 20:46 wpfgfx_v0400.dll| 4.7.3130.0| 1,345,184| 27-Jul-2018| 20:46 Placeholder.dll| 4.7.3130.0| 24,736| 27-Jul-2018| 20:46 PenIMC2_v0400.dll| 4.7.3130.0| 86,184| 27-Jul-2018| 20:46 **For all supported x64-based systems**File name| File version| File size| Date| Time ---|---|---|---|--- Aspnet_perf.dll| 4.7.3130.0| 46,240| 27-Jul-2018| 20:46 Aspnet_perf.dll| 4.7.3130.0| 42,656| 27-Jul-2018| 20:45 aspnet_wp.exe| 4.7.3130.0| 50,792| 27-Jul-2018| 20:46 aspnet_wp.exe| 4.7.3130.0| 46,184| 27-Jul-2018| 20:45 clr.dll| 4.7.3133.0| 10,378,664| 27-Jul-2018| 20:46 clr.dll| 4.7.3133.0| 7,249,400| 27-Jul-2018| 20:45 clrjit.dll| 4.7.3133.0| 1,227,192| 27-Jul-2018| 20:46 clrjit.dll| 4.7.3133.0| 524,288| 27-Jul-2018| 20:45 compatjit.dll| 4.7.3133.0| 1,262,528| 27-Jul-2018| 20:46 dfdll.dll| 4.7.3130.0| 191,624| 27-Jul-2018| 20:46 dfdll.dll| 4.7.3130.0| 159,880| 27-Jul-2018| 20:45 GlobalUserInterface.CompositeFont| | 186,009| 27-Jul-2018| 20:46 mscordacwks.dll| 4.7.3133.0| 1,843,656| 27-Jul-2018| 20:46 mscordacwks.dll| 4.7.3133.0| 1,345,992| 27-Jul-2018| 20:45 mscordbi.dll| 4.7.3133.0| 1,625,024| 27-Jul-2018| 20:46 mscordbi.dll| 4.7.3133.0| 1,170,440| 27-Jul-2018| 20:45 mscoreei.dll| 4.7.3130.0| 632,464| 27-Jul-2018| 20:46 mscoreei.dll| 4.7.3130.0| 513,176| 27-Jul-2018| 20:45 mscorlib.dll| 4.7.3133.0| 5,420,992| 27-Jul-2018| 20:46 mscorlib.dll| 4.7.3133.0| 5,638,272| 27-Jul-2018| 20:45 msvcp120_clr0400.dll| 12.0.52519.0| 690,008| 28-Jul-2018| 00:29 msvcp120_clr0400.dll| 12.0.52519.0| 485,576| 27-Jul-2018| 20:48 msvcr120_clr0400.dll| 12.0.52519.0| 993,632| 28-Jul-2018| 00:29 msvcr120_clr0400.dll| 12.0.52519.0| 987,840| 27-Jul-2018| 20:48 VsVersion.dll| 14.7.3130.0| 19,096| 27-Jul-2018| 20:46 VsVersion.dll| 14.7.3130.0| 19,096| 27-Jul-2018| 20:45 peverify.dll| 4.7.3133.0| 263,104| 27-Jul-2018| 20:46 peverify.dll| 4.7.3133.0| 189,960| 27-Jul-2018| 20:45 PresentationCore.dll| 4.7.3130.0| 3,613,368| 27-Jul-2018| 20:46 PresentationCore.dll| 4.7.3130.0| 3,636,560| 27-Jul-2018| 20:46 PresentationFramework.dll| 4.7.3130.0| 6,235,496| 27-Jul-2018| 20:46 PresentationFramework-SystemData.dll| 4.7.3130.0| 24,312| 27-Jul-2018| 20:46 PresentationHost_v0400.dll| 4.7.3130.0| 277,712| 27-Jul-2018| 20:46 PresentationHost_v0400.dll.mui| 4.7.3130.0| 84,704| 27-Jul-2018| 20:46 PresentationHost_v0400.dll| 4.7.3130.0| 214,224| 27-Jul-2018| 20:46 PresentationHost_v0400.dll.mui| 4.7.3130.0| 84,704| 27-Jul-2018| 20:46 PresentationNative_v0400.dll| 4.7.3130.0| 1,109,712| 27-Jul-2018| 20:46 PresentationNative_v0400.dll| 4.7.3130.0| 827,096| 27-Jul-2018| 20:46 ServiceMonikerSupport.dll| 4.7.3130.0| 31,456| 27-Jul-2018| 20:46 ServiceMonikerSupport.dll| 4.7.3130.0| 29,384| 27-Jul-2018| 20:45 SMDiagnostics.dll| 4.7.3130.0| 73,808| 27-Jul-2018| 20:45 SOS.dll| 4.7.3133.0| 874,920| 27-Jul-2018| 20:46 SOS.dll| 4.7.3133.0| 744,952| 27-Jul-2018| 20:45 System.Activities.dll| 4.7.3130.0| 1,532,544| 27-Jul-2018| 20:45 System.ComponentModel.DataAnnotations.dll| 4.7.3130.0| 127,200| 27-Jul-2018| 20:45 System.Core.dll| 4.7.3130.0| 1,551,944| 27-Jul-2018| 20:45 System.Data.Entity.dll| 4.7.3130.0| 4,034,240| 27-Jul-2018| 20:45 System.DirectoryServices.AccountManagement.dll| 4.7.3130.0| 296,224| 27-Jul-2018| 20:45 System.IdentityModel.dll| 4.7.3130.0| 1,090,176| 27-Jul-2018| 20:45 System.IdentityModel.Services.dll| 4.7.3130.0| 198,376| 27-Jul-2018| 20:45 System.Runtime.Serialization.dll| 4.7.3130.0| 1,056,456| 27-Jul-2018| 20:46 System.ServiceModel.Channels.dll| 4.7.3130.0| 157,928| 27-Jul-2018| 20:46 System.ServiceModel.Discovery.dll| 4.7.3130.0| 308,456| 27-Jul-2018| 20:46 System.ServiceModel.dll| 4.7.3130.0| 6,321,784| 27-Jul-2018| 20:46 System.ServiceModel.Internals.dll| 4.7.3130.0| 260,808| 27-Jul-2018| 20:46 System.ServiceModel.Routing.dll| 4.7.3130.0| 130,784| 27-Jul-2018| 20:46 System.ServiceModel.WasHosting.dll| 4.7.3130.0| 39,656| 27-Jul-2018| 20:46 System.Web.ApplicationServices.dll| 4.7.3130.0| 70,840| 27-Jul-2018| 20:45 System.Web.Extensions.dll| 4.7.3130.0| 1,849,472| 27-Jul-2018| 20:45 System.Workflow.Activities.dll| 4.7.3130.0| 1,051,360| 27-Jul-2018| 20:46 System.Workflow.ComponentModel.dll| 4.7.3130.0| 1,542,384| 27-Jul-2018| 20:46 System.Workflow.Runtime.dll| 4.7.3130.0| 498,896| 27-Jul-2018| 20:46 System.Runtime.Caching.dll| 4.7.3130.0| 109,776| 27-Jul-2018| 20:45 System.Data.dll| 4.7.3130.0| 3,520,672| 27-Jul-2018| 20:46 System.Data.dll| 4.7.3130.0| 3,458,720| 27-Jul-2018| 20:45 System.Data.SqlXml.dll| 4.7.3130.0| 734,320| 27-Jul-2018| 20:45 System.Deployment.dll| 4.7.3130.0| 879,232| 27-Jul-2018| 20:45 System.DirectoryServices.Protocols.dll| 4.7.3130.0| 201,424| 27-Jul-2018| 20:45 System.dll| 4.7.3151.0| 3,555,872| 27-Jul-2018| 20:48 System.Drawing.dll| 4.7.3130.0| 600,664| 27-Jul-2018| 20:45 System.Management.dll| 4.7.3130.0| 415,336| 27-Jul-2018| 20:45 System.Net.Http.dll| 4.7.3130.0| 204,384| 27-Jul-2018| 20:45 System.Runtime.Remoting.dll| 4.7.3130.0| 347,280| 27-Jul-2018| 20:45 System.Security.dll| 4.7.3130.0| 325,728| 27-Jul-2018| 20:45 System.Transactions.dll| 4.7.3130.0| 310,464| 27-Jul-2018| 20:46 System.Transactions.dll| 4.7.3130.0| 307,392| 27-Jul-2018| 20:45 System.Web.dll| 4.7.3130.0| 5,398,192| 27-Jul-2018| 20:46 System.Web.dll| 4.7.3130.0| 5,416,096| 27-Jul-2018| 20:45 System.Windows.Controls.Ribbon.dll| 4.7.3130.0| 742,640| 27-Jul-2018| 20:46 System.Windows.Forms.dll| 4.7.3130.0| 5,236,864| 27-Jul-2018| 20:45 System.Xaml.dll| 4.7.3130.0| 642,120| 27-Jul-2018| 20:46 System.XML.dll| 4.7.3130.0| 2,670,144| 27-Jul-2018| 20:45 UIAutomationClient.dll| 4.7.3130.0| 178,008| 27-Jul-2018| 20:46 UIAutomationClientsideProviders.dll| 4.7.3130.0| 361,360| 27-Jul-2018| 20:46 UIAutomationProvider.dll| 4.7.3130.0| 48,992| 27-Jul-2018| 20:46 UIAutomationTypes.dll| 4.7.3130.0| 221,016| 27-Jul-2018| 20:46 webengine.dll| 4.7.3130.0| 26,264| 27-Jul-2018| 20:46 webengine.dll| 4.7.3130.0| 24,752| 27-Jul-2018| 20:45 webengine4.dll| 4.7.3130.0| 667,296| 27-Jul-2018| 20:46 webengine4.dll| 4.7.3130.0| 550,040| 27-Jul-2018| 20:45 WindowsBase.dll| 4.7.3130.0| 1,292,112| 27-Jul-2018| 20:46 WMINet_Utils.dll| 4.7.3130.0| 188,072| 27-Jul-2018| 20:46 WMINet_Utils.dll| 4.7.3130.0| 136,360| 27-Jul-2018| 20:45 WorkflowServiceHostPerformanceCounters.dll| 4.7.3130.0| 101,136| 27-Jul-2018| 20:46 WorkflowServiceHostPerformanceCounters.dll| 4.7.3130.0| 89,384| 27-Jul-2018| 20:46 WPFFontCache_v0400.exe.mui| 4.7.3130.0| 19,168| 27-Jul-2018| 20:46 WPFFontCache_v0400.exe.mui| 4.7.3130.0| 19,152| 27-Jul-2018| 20:46 WPFFontCache_v0400.exe| 4.7.3130.0| 26,728| 27-Jul-2018| 20:46 WPFFontCache_v0400.exe| 4.7.3130.0| 25,704| 27-Jul-2018| 20:46 wpfgfx_v0400.dll| 4.7.3130.0| 1,764,520| 27-Jul-2018| 20:46 wpfgfx_v0400.dll| 4.7.3130.0| 1,345,184| 27-Jul-2018| 20:46 Placeholder.dll| 4.7.3130.0| 25,760| 27-Jul-2018| 20:46 Placeholder.dll| 4.7.3130.0| 24,736| 27-Jul-2018| 20:46 PenIMC2_v0400.dll| 4.7.3130.0| 104,616| 27-Jul-2018| 20:46 PenIMC2_v0400.dll| 4.7.3130.0| 86,184| 27-Jul-2018| 20:46 ## How to obtain help and support for this security update * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>) * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>) * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>) * Local support according to your country: [International Support](<http://support.microsoft.com>)

{"id": "KB4344146", "vendorId": null, "type": "mskb", "bulletinFamily": "microsoft", "title": "Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344146)", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll update to be installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see [KB 4019990](<https://support.microsoft.com/en-us/help/4019990>) for Windows 7 SP1 and Windows Server 2008 R2 SP1. Or, see [KB 4019478](<https://support.microsoft.com/en-us/help/4019478>) for Windows Server 2008 SP2.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:[4345590](<https://support.microsoft.com/help/4345590>) Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345590)For more information about this security update as it relates to Windows Server 2008, see the following article in the Microsoft Knowledge Base:[4345593](<https://support.microsoft.com/help/4345593>) Security and Quality updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4345593)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345590** for Windows 7 SP1 and Windows Server 2008 R2 SP1 or type **4345593** for Windows Server 2008 SP2 in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, this update replaces previously released updates [4340556](<https://support.microsoft.com/help/4340556>) and [4291493](<https://support.microsoft.com/help/4291493>).For Windows Server 2008, this update replaces previously released updates [4340559](<https://support.microsoft.com/help/4340559>) and [4291501](<https://support.microsoft.com/help/4291501>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nNDP46-KB4344146-x64.exe| EBCCE1A7FC09850933B9F81F42ED6B6EA6311C59| 5571D662B99751F8C3DD43A79CA64101A44BD86B8C93604BC7ED086E2E800216 \nNDP46-KB4344146-x86.exe| FC3433B00A2F4F7EF68C6357F526B0C5B28D2807| 34D7D64898A8E615A1FCC430C95E797A152574284A95A4241838828ABFA7754E \n \n\n\n## File attributes \n\nThe English (United States) version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nAspnet_perf.dll| 4.7.3130.0| 42,656| 27-Jul-2018| 20:45 \naspnet_wp.exe| 4.7.3130.0| 46,184| 27-Jul-2018| 20:45 \nclr.dll| 4.7.3133.0| 7,249,400| 27-Jul-2018| 20:45 \nclrjit.dll| 4.7.3133.0| 524,288| 27-Jul-2018| 20:45 \ndfdll.dll| 4.7.3130.0| 159,880| 27-Jul-2018| 20:45 \nGlobalUserInterface.CompositeFont| | 186,009| 27-Jul-2018| 20:46 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 27-Jul-2018| 20:45 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 27-Jul-2018| 20:45 \nmscoreei.dll| 4.7.3130.0| 513,176| 27-Jul-2018| 20:45 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 27-Jul-2018| 20:45 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 27-Jul-2018| 20:48 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 27-Jul-2018| 20:48 \nVsVersion.dll| 14.7.3130.0| 19,096| 27-Jul-2018| 20:45 \npeverify.dll| 4.7.3133.0| 189,960| 27-Jul-2018| 20:45 \nPresentationCore.dll| 4.7.3130.0| 3,636,560| 27-Jul-2018| 20:46 \nPresentationFramework.dll| 4.7.3130.0| 6,235,496| 27-Jul-2018| 20:46 \nPresentationFramework-SystemData.dll| 4.7.3130.0| 24,312| 27-Jul-2018| 20:46 \nPresentationHost_v0400.dll| 4.7.3130.0| 214,224| 27-Jul-2018| 20:46 \nPresentationHost_v0400.dll.mui| 4.7.3130.0| 84,704| 27-Jul-2018| 20:46 \nPresentationNative_v0400.dll| 4.7.3130.0| 827,096| 27-Jul-2018| 20:46 \nServiceMonikerSupport.dll| 4.7.3130.0| 29,384| 27-Jul-2018| 20:45 \nSMDiagnostics.dll| 4.7.3130.0| 73,808| 27-Jul-2018| 20:45 \nSOS.dll| 4.7.3133.0| 744,952| 27-Jul-2018| 20:45 \nSystem.Activities.dll| 4.7.3130.0| 1,532,544| 27-Jul-2018| 20:45 \nSystem.ComponentModel.DataAnnotations.dll| 4.7.3130.0| 127,200| 27-Jul-2018| 20:45 \nSystem.Core.dll| 4.7.3130.0| 1,551,944| 27-Jul-2018| 20:45 \nSystem.Data.Entity.dll| 4.7.3130.0| 4,034,240| 27-Jul-2018| 20:45 \nSystem.DirectoryServices.AccountManagement.dll| 4.7.3130.0| 296,224| 27-Jul-2018| 20:45 \nSystem.IdentityModel.dll| 4.7.3130.0| 1,090,176| 27-Jul-2018| 20:45 \nSystem.IdentityModel.Services.dll| 4.7.3130.0| 198,376| 27-Jul-2018| 20:45 \nSystem.Runtime.Serialization.dll| 4.7.3130.0| 1,056,456| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Channels.dll| 4.7.3130.0| 157,928| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Discovery.dll| 4.7.3130.0| 308,456| 27-Jul-2018| 20:46 \nSystem.ServiceModel.dll| 4.7.3130.0| 6,321,784| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Internals.dll| 4.7.3130.0| 260,808| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Routing.dll| 4.7.3130.0| 130,784| 27-Jul-2018| 20:46 \nSystem.ServiceModel.WasHosting.dll| 4.7.3130.0| 39,656| 27-Jul-2018| 20:46 \nSystem.Web.ApplicationServices.dll| 4.7.3130.0| 70,840| 27-Jul-2018| 20:45 \nSystem.Web.Extensions.dll| 4.7.3130.0| 1,849,472| 27-Jul-2018| 20:45 \nSystem.Workflow.Activities.dll| 4.7.3130.0| 1,051,360| 27-Jul-2018| 20:46 \nSystem.Workflow.ComponentModel.dll| 4.7.3130.0| 1,542,384| 27-Jul-2018| 20:46 \nSystem.Workflow.Runtime.dll| 4.7.3130.0| 498,896| 27-Jul-2018| 20:46 \nSystem.Runtime.Caching.dll| 4.7.3130.0| 109,776| 27-Jul-2018| 20:45 \nSystem.Data.dll| 4.7.3130.0| 3,458,720| 27-Jul-2018| 20:45 \nSystem.Data.SqlXml.dll| 4.7.3130.0| 734,320| 27-Jul-2018| 20:45 \nSystem.Deployment.dll| 4.7.3130.0| 879,232| 27-Jul-2018| 20:45 \nSystem.DirectoryServices.Protocols.dll| 4.7.3130.0| 201,424| 27-Jul-2018| 20:45 \nSystem.dll| 4.7.3151.0| 3,555,872| 27-Jul-2018| 20:48 \nSystem.Drawing.dll| 4.7.3130.0| 600,664| 27-Jul-2018| 20:45 \nSystem.Management.dll| 4.7.3130.0| 415,336| 27-Jul-2018| 20:45 \nSystem.Net.Http.dll| 4.7.3130.0| 204,384| 27-Jul-2018| 20:45 \nSystem.Runtime.Remoting.dll| 4.7.3130.0| 347,280| 27-Jul-2018| 20:45 \nSystem.Security.dll| 4.7.3130.0| 325,728| 27-Jul-2018| 20:45 \nSystem.Transactions.dll| 4.7.3130.0| 307,392| 27-Jul-2018| 20:45 \nSystem.Web.dll| 4.7.3130.0| 5,416,096| 27-Jul-2018| 20:45 \nSystem.Windows.Controls.Ribbon.dll| 4.7.3130.0| 742,640| 27-Jul-2018| 20:46 \nSystem.Windows.Forms.dll| 4.7.3130.0| 5,236,864| 27-Jul-2018| 20:45 \nSystem.Xaml.dll| 4.7.3130.0| 642,120| 27-Jul-2018| 20:46 \nSystem.Xml.dll| 4.7.3130.0| 2,670,144| 27-Jul-2018| 20:45 \nUIAutomationClient.dll| 4.7.3130.0| 178,008| 27-Jul-2018| 20:46 \nUIAutomationClientsideProviders.dll| 4.7.3130.0| 361,360| 27-Jul-2018| 20:46 \nUIAutomationProvider.dll| 4.7.3130.0| 48,992| 27-Jul-2018| 20:46 \nUIAutomationTypes.dll| 4.7.3130.0| 221,016| 27-Jul-2018| 20:46 \nwebengine.dll| 4.7.3130.0| 24,752| 27-Jul-2018| 20:45 \nwebengine4.dll| 4.7.3130.0| 550,040| 27-Jul-2018| 20:45 \nWindowsBase.dll| 4.7.3130.0| 1,292,112| 27-Jul-2018| 20:46 \nWMINet_Utils.dll| 4.7.3130.0| 136,360| 27-Jul-2018| 20:45 \nWorkflowServiceHostPerformanceCounters.dll| 4.7.3130.0| 89,384| 27-Jul-2018| 20:46 \nWPFFontCache_v0400.exe.mui| 4.7.3130.0| 19,152| 27-Jul-2018| 20:46 \nWPFFontCache_v0400.exe| 4.7.3130.0| 25,704| 27-Jul-2018| 20:46 \nwpfgfx_v0400.dll| 4.7.3130.0| 1,345,184| 27-Jul-2018| 20:46 \nPlaceholder.dll| 4.7.3130.0| 24,736| 27-Jul-2018| 20:46 \nPenIMC2_v0400.dll| 4.7.3130.0| 86,184| 27-Jul-2018| 20:46 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nAspnet_perf.dll| 4.7.3130.0| 46,240| 27-Jul-2018| 20:46 \nAspnet_perf.dll| 4.7.3130.0| 42,656| 27-Jul-2018| 20:45 \naspnet_wp.exe| 4.7.3130.0| 50,792| 27-Jul-2018| 20:46 \naspnet_wp.exe| 4.7.3130.0| 46,184| 27-Jul-2018| 20:45 \nclr.dll| 4.7.3133.0| 10,378,664| 27-Jul-2018| 20:46 \nclr.dll| 4.7.3133.0| 7,249,400| 27-Jul-2018| 20:45 \nclrjit.dll| 4.7.3133.0| 1,227,192| 27-Jul-2018| 20:46 \nclrjit.dll| 4.7.3133.0| 524,288| 27-Jul-2018| 20:45 \ncompatjit.dll| 4.7.3133.0| 1,262,528| 27-Jul-2018| 20:46 \ndfdll.dll| 4.7.3130.0| 191,624| 27-Jul-2018| 20:46 \ndfdll.dll| 4.7.3130.0| 159,880| 27-Jul-2018| 20:45 \nGlobalUserInterface.CompositeFont| | 186,009| 27-Jul-2018| 20:46 \nmscordacwks.dll| 4.7.3133.0| 1,843,656| 27-Jul-2018| 20:46 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 27-Jul-2018| 20:45 \nmscordbi.dll| 4.7.3133.0| 1,625,024| 27-Jul-2018| 20:46 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 27-Jul-2018| 20:45 \nmscoreei.dll| 4.7.3130.0| 632,464| 27-Jul-2018| 20:46 \nmscoreei.dll| 4.7.3130.0| 513,176| 27-Jul-2018| 20:45 \nmscorlib.dll| 4.7.3133.0| 5,420,992| 27-Jul-2018| 20:46 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 27-Jul-2018| 20:45 \nmsvcp120_clr0400.dll| 12.0.52519.0| 690,008| 28-Jul-2018| 00:29 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 27-Jul-2018| 20:48 \nmsvcr120_clr0400.dll| 12.0.52519.0| 993,632| 28-Jul-2018| 00:29 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 27-Jul-2018| 20:48 \nVsVersion.dll| 14.7.3130.0| 19,096| 27-Jul-2018| 20:46 \nVsVersion.dll| 14.7.3130.0| 19,096| 27-Jul-2018| 20:45 \npeverify.dll| 4.7.3133.0| 263,104| 27-Jul-2018| 20:46 \npeverify.dll| 4.7.3133.0| 189,960| 27-Jul-2018| 20:45 \nPresentationCore.dll| 4.7.3130.0| 3,613,368| 27-Jul-2018| 20:46 \nPresentationCore.dll| 4.7.3130.0| 3,636,560| 27-Jul-2018| 20:46 \nPresentationFramework.dll| 4.7.3130.0| 6,235,496| 27-Jul-2018| 20:46 \nPresentationFramework-SystemData.dll| 4.7.3130.0| 24,312| 27-Jul-2018| 20:46 \nPresentationHost_v0400.dll| 4.7.3130.0| 277,712| 27-Jul-2018| 20:46 \nPresentationHost_v0400.dll.mui| 4.7.3130.0| 84,704| 27-Jul-2018| 20:46 \nPresentationHost_v0400.dll| 4.7.3130.0| 214,224| 27-Jul-2018| 20:46 \nPresentationHost_v0400.dll.mui| 4.7.3130.0| 84,704| 27-Jul-2018| 20:46 \nPresentationNative_v0400.dll| 4.7.3130.0| 1,109,712| 27-Jul-2018| 20:46 \nPresentationNative_v0400.dll| 4.7.3130.0| 827,096| 27-Jul-2018| 20:46 \nServiceMonikerSupport.dll| 4.7.3130.0| 31,456| 27-Jul-2018| 20:46 \nServiceMonikerSupport.dll| 4.7.3130.0| 29,384| 27-Jul-2018| 20:45 \nSMDiagnostics.dll| 4.7.3130.0| 73,808| 27-Jul-2018| 20:45 \nSOS.dll| 4.7.3133.0| 874,920| 27-Jul-2018| 20:46 \nSOS.dll| 4.7.3133.0| 744,952| 27-Jul-2018| 20:45 \nSystem.Activities.dll| 4.7.3130.0| 1,532,544| 27-Jul-2018| 20:45 \nSystem.ComponentModel.DataAnnotations.dll| 4.7.3130.0| 127,200| 27-Jul-2018| 20:45 \nSystem.Core.dll| 4.7.3130.0| 1,551,944| 27-Jul-2018| 20:45 \nSystem.Data.Entity.dll| 4.7.3130.0| 4,034,240| 27-Jul-2018| 20:45 \nSystem.DirectoryServices.AccountManagement.dll| 4.7.3130.0| 296,224| 27-Jul-2018| 20:45 \nSystem.IdentityModel.dll| 4.7.3130.0| 1,090,176| 27-Jul-2018| 20:45 \nSystem.IdentityModel.Services.dll| 4.7.3130.0| 198,376| 27-Jul-2018| 20:45 \nSystem.Runtime.Serialization.dll| 4.7.3130.0| 1,056,456| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Channels.dll| 4.7.3130.0| 157,928| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Discovery.dll| 4.7.3130.0| 308,456| 27-Jul-2018| 20:46 \nSystem.ServiceModel.dll| 4.7.3130.0| 6,321,784| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Internals.dll| 4.7.3130.0| 260,808| 27-Jul-2018| 20:46 \nSystem.ServiceModel.Routing.dll| 4.7.3130.0| 130,784| 27-Jul-2018| 20:46 \nSystem.ServiceModel.WasHosting.dll| 4.7.3130.0| 39,656| 27-Jul-2018| 20:46 \nSystem.Web.ApplicationServices.dll| 4.7.3130.0| 70,840| 27-Jul-2018| 20:45 \nSystem.Web.Extensions.dll| 4.7.3130.0| 1,849,472| 27-Jul-2018| 20:45 \nSystem.Workflow.Activities.dll| 4.7.3130.0| 1,051,360| 27-Jul-2018| 20:46 \nSystem.Workflow.ComponentModel.dll| 4.7.3130.0| 1,542,384| 27-Jul-2018| 20:46 \nSystem.Workflow.Runtime.dll| 4.7.3130.0| 498,896| 27-Jul-2018| 20:46 \nSystem.Runtime.Caching.dll| 4.7.3130.0| 109,776| 27-Jul-2018| 20:45 \nSystem.Data.dll| 4.7.3130.0| 3,520,672| 27-Jul-2018| 20:46 \nSystem.Data.dll| 4.7.3130.0| 3,458,720| 27-Jul-2018| 20:45 \nSystem.Data.SqlXml.dll| 4.7.3130.0| 734,320| 27-Jul-2018| 20:45 \nSystem.Deployment.dll| 4.7.3130.0| 879,232| 27-Jul-2018| 20:45 \nSystem.DirectoryServices.Protocols.dll| 4.7.3130.0| 201,424| 27-Jul-2018| 20:45 \nSystem.dll| 4.7.3151.0| 3,555,872| 27-Jul-2018| 20:48 \nSystem.Drawing.dll| 4.7.3130.0| 600,664| 27-Jul-2018| 20:45 \nSystem.Management.dll| 4.7.3130.0| 415,336| 27-Jul-2018| 20:45 \nSystem.Net.Http.dll| 4.7.3130.0| 204,384| 27-Jul-2018| 20:45 \nSystem.Runtime.Remoting.dll| 4.7.3130.0| 347,280| 27-Jul-2018| 20:45 \nSystem.Security.dll| 4.7.3130.0| 325,728| 27-Jul-2018| 20:45 \nSystem.Transactions.dll| 4.7.3130.0| 310,464| 27-Jul-2018| 20:46 \nSystem.Transactions.dll| 4.7.3130.0| 307,392| 27-Jul-2018| 20:45 \nSystem.Web.dll| 4.7.3130.0| 5,398,192| 27-Jul-2018| 20:46 \nSystem.Web.dll| 4.7.3130.0| 5,416,096| 27-Jul-2018| 20:45 \nSystem.Windows.Controls.Ribbon.dll| 4.7.3130.0| 742,640| 27-Jul-2018| 20:46 \nSystem.Windows.Forms.dll| 4.7.3130.0| 5,236,864| 27-Jul-2018| 20:45 \nSystem.Xaml.dll| 4.7.3130.0| 642,120| 27-Jul-2018| 20:46 \nSystem.XML.dll| 4.7.3130.0| 2,670,144| 27-Jul-2018| 20:45 \nUIAutomationClient.dll| 4.7.3130.0| 178,008| 27-Jul-2018| 20:46 \nUIAutomationClientsideProviders.dll| 4.7.3130.0| 361,360| 27-Jul-2018| 20:46 \nUIAutomationProvider.dll| 4.7.3130.0| 48,992| 27-Jul-2018| 20:46 \nUIAutomationTypes.dll| 4.7.3130.0| 221,016| 27-Jul-2018| 20:46 \nwebengine.dll| 4.7.3130.0| 26,264| 27-Jul-2018| 20:46 \nwebengine.dll| 4.7.3130.0| 24,752| 27-Jul-2018| 20:45 \nwebengine4.dll| 4.7.3130.0| 667,296| 27-Jul-2018| 20:46 \nwebengine4.dll| 4.7.3130.0| 550,040| 27-Jul-2018| 20:45 \nWindowsBase.dll| 4.7.3130.0| 1,292,112| 27-Jul-2018| 20:46 \nWMINet_Utils.dll| 4.7.3130.0| 188,072| 27-Jul-2018| 20:46 \nWMINet_Utils.dll| 4.7.3130.0| 136,360| 27-Jul-2018| 20:45 \nWorkflowServiceHostPerformanceCounters.dll| 4.7.3130.0| 101,136| 27-Jul-2018| 20:46 \nWorkflowServiceHostPerformanceCounters.dll| 4.7.3130.0| 89,384| 27-Jul-2018| 20:46 \nWPFFontCache_v0400.exe.mui| 4.7.3130.0| 19,168| 27-Jul-2018| 20:46 \nWPFFontCache_v0400.exe.mui| 4.7.3130.0| 19,152| 27-Jul-2018| 20:46 \nWPFFontCache_v0400.exe| 4.7.3130.0| 26,728| 27-Jul-2018| 20:46 \nWPFFontCache_v0400.exe| 4.7.3130.0| 25,704| 27-Jul-2018| 20:46 \nwpfgfx_v0400.dll| 4.7.3130.0| 1,764,520| 27-Jul-2018| 20:46 \nwpfgfx_v0400.dll| 4.7.3130.0| 1,345,184| 27-Jul-2018| 20:46 \nPlaceholder.dll| 4.7.3130.0| 25,760| 27-Jul-2018| 20:46 \nPlaceholder.dll| 4.7.3130.0| 24,736| 27-Jul-2018| 20:46 \nPenIMC2_v0400.dll| 4.7.3130.0| 104,616| 27-Jul-2018| 20:46 \nPenIMC2_v0400.dll| 4.7.3130.0| 86,184| 27-Jul-2018| 20:46 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "published": "2018-08-14T07:00:00", "modified": "2018-08-14T07:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://support.microsoft.com/en-us/help/4344146", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2018-8360"], "immutableFields": [], "lastseen": "2021-12-31T15:04:31", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-8360"]}, {"type": "kaspersky", "idList": ["KLA11305"]}, {"type": "mscve", "idList": ["MS:CVE-2018-8202", "MS:CVE-2018-8360"]}, {"type": "mskb", "idList": ["KB4343885", "KB4343887", "KB4343892", "KB4343897", "KB4343909", "KB4344144", "KB4344145", "KB4344147", "KB4344148", "KB4344149", "KB4344150", "KB4344151", "KB4344152", "KB4344153", "KB4344165", "KB4344166", "KB4344167", "KB4344171", "KB4344172", "KB4344173", "KB4344175", "KB4344176", "KB4344177", "KB4344178", "KB4345590", "KB4345591", "KB4345592", "KB4345593", "KB4345679", "KB4345680", "KB4345681", "KB4345682"]}, {"type": "nessus", "idList": ["SMB_NT_MS18_AUG_4343885.NASL", "SMB_NT_MS18_AUG_4343887.NASL", "SMB_NT_MS18_AUG_4343892.NASL", "SMB_NT_MS18_AUG_4343897.NASL", "SMB_NT_MS18_AUG_4343898.NASL", "SMB_NT_MS18_AUG_4343900.NASL", "SMB_NT_MS18_AUG_4343901.NASL", "SMB_NT_MS18_AUG_4343909.NASL", "SMB_NT_MS18_AUG_DOTNET.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813759", "OPENVAS:1361412562310813760", "OPENVAS:1361412562310813763", "OPENVAS:1361412562310813766", "OPENVAS:1361412562310813840", "OPENVAS:1361412562310813841", "OPENVAS:1361412562310813842", "OPENVAS:1361412562310813843", "OPENVAS:1361412562310813844"]}, {"type": "talosblog", "idList": ["TALOSBLOG:A9E55A97439608C62C1BF62669B8074A"]}], "rev": 4}, "score": {"value": 4.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2018-8360"]}, {"type": "kaspersky", "idList": ["KLA11305"]}, {"type": "mscve", "idList": ["MS:CVE-2018-8360"]}, {"type": "mskb", "idList": ["KB4343897", "KB4345593", "KB4345680"]}, {"type": "nessus", "idList": ["SMB_NT_MS18_AUG_4343898.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813759", "OPENVAS:1361412562310813760", "OPENVAS:1361412562310813763", "OPENVAS:1361412562310813766", "OPENVAS:1361412562310813840", "OPENVAS:1361412562310813841", "OPENVAS:1361412562310813842", "OPENVAS:1361412562310813843", "OPENVAS:1361412562310813844"]}, {"type": "talosblog", "idList": ["TALOSBLOG:A9E55A97439608C62C1BF62669B8074A"]}]}, "exploitation": null, "vulnersScore": 4.4}, "kb": "KB4344146", "msrc": "", "mscve": "CVE-2018-8360", "msplatform": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "msfamily": "Developer Tools", "msimpact": "Information Disclosure", "msseverity": "Important", "superseeds": ["KB4291493, 4340556", "KB4291493, 4340556 "], "parentseeds": [], "msproducts": ["11529"], "supportAreaPaths": [], "supportAreaPathNodes": [], "primarySupportAreaPath": [], "_state": {"dependencies": 1646159057}}

{"mskb": [{"lastseen": "2021-12-31T15:04:34", "description": "None\n## Summary\n\nThis update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2012, see the following article in the Microsoft Knowledge Base:[4345591](<https://support.microsoft.com/help/4345591>) Security and Quality Rollup updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows Server 2012 (KB 4345591)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345591** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [KB 4340557](<https://support.microsoft.com/help/4340557>) and [KB 4291495](<https://support.microsoft.com/help/4291495>). \n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8-RT-KB4344148-x64.msu| 75F9FD1B79CE8E2121004DA317E308B63223F1E0| E3E381ECFF02E4B1795770FF4A6677ECCF10E04EC789CE9F9E8648751644A6C0 \nWindows8-RT-KB4344148-x86.msu| 961F603CC2A7A2DEF16C2111217929DBFE5441AF| B048A02C81A5268E40FF20785688D18C86CDC134F6F70CB3E9BC5D70000C0D68 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nvbc.exe.config| | 182| 04-Jun-2015| 23:03 \nwebengine4.dll| 4.0.30319.36430| 509,584| 12-Dec-2017| 19:05 \nwebengine.dll| 4.0.30319.36430| 24,720| 12-Dec-2017| 19:05 \nwminet_utils.dll| 4.0.30319.36403| 126,128| 09-Jun-2017| 13:10 \nworkflowservicehostperformancecounters.dll| 4.0.30319.36450| 75,536| 27-Jul-2018| 07:23 \nwpfgfx_v0400.dll| 4.0.30319.36393| 1,648,304| 06-Apr-2017| 20:26 \npresentationcore.dll| 4.0.30319.36393| 3,226,976| 06-Apr-2017| 20:26 \nsystem.data.dll| 4.0.30319.36393| 3,209,392| 06-Apr-2017| 20:26 \nsystem.printing.dll| 4.0.30319.36366| 343,384| 11-Aug-2016| 13:22 \nsystem.transactions.dll| 4.0.30319.36366| 289,488| 11-Aug-2016| 13:22 \nsystem.web.dll| 4.0.30319.36430| 5,464,208| 12-Dec-2017| 19:05 \nmicrosoft.build.tasks.v4.0.dll| 4.0.30319.36366| 1,191,144| 11-Aug-2016| 13:22 \nmicrosoft.build.dll| 4.0.30319.36366| 1,448,128| 11-Aug-2016| 13:22 \npresentationframework.aero2.dll| 4.0.30319.36366| 256,912| 11-Aug-2016| 13:22 \npresentationframework.aerolite.dll| 4.0.30319.36366| 177,560| 11-Aug-2016| 13:22 \npresentationframework.dll| 4.0.30319.36393| 6,221,680| 06-Apr-2017| 20:26 \nreachframework.dll| 4.0.30319.36366| 595,280| 11-Aug-2016| 13:22 \nsmdiagnostics.dll| 4.0.30319.36450| 73,328| 08-Jun-2018| 16:05 \nsystem.activities.core.presentation.dll| 4.0.30319.36366| 718,256| 11-Aug-2016| 13:22 \nsystem.activities.presentation.dll| 4.0.30319.36366| 2,140,576| 11-Aug-2016| 13:22 \nsystem.activities.dll| 4.0.30319.36450| 1,582,704| 08-Jun-2018| 16:05 \nsystem.addin.dll| 4.0.30319.36366| 163,504| 11-Aug-2016| 13:22 \nsystem.componentmodel.composition.dll| 4.0.30319.36366| 312,096| 11-Aug-2016| 13:22 \nsystem.configuration.dll| 4.0.30319.36366| 402,640| 11-Aug-2016| 13:22 \nsystem.core.dll| 4.0.30319.36393| 1,271,968| 06-Apr-2017| 20:26 \nsystem.data.entity.dll| 4.0.30319.36366| 4,099,272| 11-Aug-2016| 13:22 \nsystem.data.linq.dll| 4.0.30319.36366| 698,568| 11-Aug-2016| 13:22 \nsystem.data.sqlxml.dll| 4.0.30319.36427| 752,320| 01-Dec-2017| 13:05 \nsystem.deployment.dll| 4.0.30319.36366| 853,696| 11-Aug-2016| 13:22 \nsystem.design.dll| 4.0.30319.36366| 5,056,176| 11-Aug-2016| 13:22 \nsystem.directoryservices.accountmanagement.dll| 4.0.30319.36366| 297,776| 27-Jul-2018| 07:23 \nsystem.directoryservices.protocols.dll| 4.0.30319.36366| 203,048| 11-Aug-2016| 13:22 \nsystem.directoryservices.dll| 4.0.30319.36366| 425,704| 11-Aug-2016| 13:22 \nsystem.drawing.design.dll| 4.0.30319.36366| 113,880| 11-Aug-2016| 13:22 \nsystem.drawing.dll| 4.0.30319.36366| 598,704| 11-Aug-2016| 13:22 \nsystem.identitymodel.services.dll| 4.0.30319.36450| 199,912| 08-Jun-2018| 16:05 \nsystem.identitymodel.dll| 4.0.30319.36450| 1,093,784| 08-Jun-2018| 16:05 \nsystem.io.compression.dll| 4.0.30319.36366| 71,904| 11-Aug-2016| 13:22 \nsystem.management.dll| 4.0.30319.36403| 417,472| 09-Jun-2017| 13:10 \nsystem.messaging.dll| 4.0.30319.36366| 275,640| 11-Aug-2016| 13:22 \nsystem.net.dll| 4.0.30319.36366| 259,736| 11-Aug-2016| 13:22 \nsystem.numerics.dll| 4.0.30319.36366| 86,192| 11-Aug-2016| 13:22 \nsystem.runtime.caching.dll| 4.0.30319.36393| 109,272| 06-Apr-2017| 20:26 \nsystem.runtime.remoting.dll| 4.0.30319.36415| 348,904| 31-Aug-2017| 13:08 \nsystem.runtime.serialization.dll| 4.0.30319.36450| 1,060,008| 08-Jun-2018| 16:05 \nsystem.runtime.windowsruntime.dll| 4.0.30319.36366| 152,328| 11-Aug-2016| 13:22 \nsystem.runtime.dll| 4.0.30319.36366| 36,536| 11-Aug-2016| 13:22 \nsystem.security.dll| 4.0.30319.36440| 301,648| 27-Mar-2018| 17:37 \nsystem.servicemodel.activation.dll| 4.0.30319.36366| 204,184| 11-Aug-2016| 13:22 \nsystem.servicemodel.channels.dll| 4.0.30319.36450| 159,624| 08-Jun-2018| 16:05 \nsystem.servicemodel.discovery.dll| 4.0.30319.36450| 312,712| 08-Jun-2018| 16:05 \nsystem.servicemodel.internals.dll| 4.0.30319.36450| 254,648| 08-Jun-2018| 16:05 \nsystem.servicemodel.routing.dll| 4.0.30319.36366| 132,496| 11-Aug-2016| 13:22 \nsystem.servicemodel.washosting.dll| 4.0.30319.36450| 39,664| 08-Jun-2018| 16:05 \nsystem.servicemodel.web.dll| 4.0.30319.36366| 332,520| 11-Aug-2016| 13:22 \nsystem.servicemodel.dll| 4.0.30319.36450| 6,386,832| 08-Jun-2018| 16:05 \nsystem.serviceprocess.dll| 4.0.30319.36366| 134,872| 11-Aug-2016| 13:22 \nsystem.threading.timer.dll| 4.0.30319.36366| 29,400| 11-Aug-2016| 13:22 \nsystem.web.applicationservices.dll| 4.0.30319.36430| 71,424| 12-Dec-2017| 19:05 \nsystem.web.extensions.dll| 4.0.30319.36430| 1,859,280| 12-Dec-2017| 19:05 \nsystem.web.mobile.dll| 4.0.30319.36366| 839,880| 11-Aug-2016| 13:22 \nsystem.web.services.dll| 4.0.30319.36366| 858,312| 11-Aug-2016| 13:22 \nsystem.windows.controls.ribbon.dll| 4.0.30319.36393| 751,512| 06-Apr-2017| 20:26 \nsystem.windows.forms.dll| 4.0.30319.36366| 4,859,608| 11-Aug-2016| 13:22 \nsystem.workflow.activities.dll| 4.0.30319.36450| 1,068,416| 08-Jun-2018| 16:05 \nsystem.workflow.componentmodel.dll| 4.0.30319.36450| 1,560,464| 08-Jun-2018| 16:05 \nsystem.workflow.runtime.dll| 4.0.30319.36450| 503,664| 08-Jun-2018| 16:05 \nsystem.xaml.dll| 4.0.30319.36393| 640,672| 06-Apr-2017| 20:26 \nsystem.xml.dll| 4.0.30319.36427| 2,705,040| 01-Dec-2017| 13:05 \nsystem.dll| 4.0.30319.36455| 3,488,792| 13-Jul-2018| 02:54 \nwindowsbase.dll| 4.0.30319.36393| 1,241,928| 06-Apr-2017| 20:26 \nwindowsformsintegration.dll| 4.0.30319.36366| 102,784| 11-Aug-2016| 13:22 \nxamlbuildtask.dll| 4.0.30319.36366| 133,968| 11-Aug-2016| 13:22 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 47,076| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 40,566| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 67,808| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 61,718| 21-Nov-2017| 07:23 \naspnet_perf.h| | 7,177| 02-Jun-2012| 14:34 \naspnet_perf2.ini| | 995,534| 02-Jun-2012| 14:34 \naspnet_perf2_d.ini| | 31| 02-Jun-2012| 14:34 \naspnet_state_perf.h| | 318| 02-Jun-2012| 14:34 \naspnet_state_perf.ini| | 42,996| 02-Jun-2012| 14:34 \naspnet_state_perf_d.ini| | 36| 02-Jun-2012| 14:34 \naspnet_counters.dll| 4.0.30319.36366| 28,352| 11-Aug-2016| 13:22 \naspnet_filter.dll| 4.0.30319.36366| 34,488| 11-Aug-2016| 13:22 \naspnet_isapi.dll| 4.0.30319.36366| 24,752| 11-Aug-2016| 13:22 \naspnet_perf.dll| 4.0.30319.36430| 41,616| 12-Dec-2017| 19:05 \naspnet_rc.dll| 4.0.30319.36366| 90,280| 11-Aug-2016| 13:22 \naspnet_regiis.exe| 4.0.30319.36366| 41,136| 11-Aug-2016| 13:22 \naspnet_state.exe| 4.0.30319.36366| 45,744| 11-Aug-2016| 13:22 \naspnet_state_perf.h| | 318| 15-Nov-2017| 00:50 \naspnet_state_perf.ini| | 42,996| 15-Nov-2017| 00:50 \naspnet_wp.exe| 4.0.30319.36430| 43,104| 12-Dec-2017| 19:05 \nblackberry.browser| | 2,389| 04-Jun-2015| 23:02 \nchrome.browser| | 2,107| 04-Jun-2015| 23:02 \ndefault.browser| | 11,568| 04-Jun-2015| 23:02 \nfirefox.browser| | 2,336| 04-Jun-2015| 23:02 \ngateway.browser| | 5,630| 04-Jun-2015| 23:02 \ngeneric.browser| | 5,569| 04-Jun-2015| 23:02 \nie.browser| | 5,166| 04-Jun-2015| 23:02 \niemobile.browser| | 4,045| 04-Jun-2015| 23:02 \niphone.browser| | 1,759| 04-Jun-2015| 23:02 \nopera.browser| | 5,248| 04-Jun-2015| 23:02 \nsafari.browser| | 3,560| 04-Jun-2015| 23:02 \nucbrowser.browser| | 1,725| 04-Jun-2015| 23:02 \nclr-etw.man| | 303,549| 28-Dec-2016| 04:30 \nclretwrc.dll| 4.0.30319.36366| 228,008| 28-Dec-2016| 04:30 \nclrjit.dll| 4.0.30319.36460| 510,464| 24-Jul-2018| 15:10 \nclr.dll| 4.0.30319.36460| 6,939,640| 24-Jul-2018| 15:10 \ncorperfmonext.dll| 4.0.30319.36366| 127,672| 11-Aug-2016| 13:22 \ncsc.rsp| | 1,329| 04-Jun-2015| 23:02 \ncsc.exe| 4.0.30319.36366| 1,853,072| 11-Aug-2016| 13:22 \ncsc.exe.config| | 182| 04-Jun-2015| 23:02 \nculture.dll| 4.0.30319.36366| 54,432| 22-Aug-2016| 13:09 \nlocale.nlp| | 419,632| 22-Aug-2015| 13:09 \ndfdll.dll| 4.0.30319.36366| 141,976| 11-Aug-2016| 13:22 \ninstallpersistsqlstate.sql| | 54,647| 28-Dec-2016| 04:30 \ninstallsqlstatetemplate.sql| | 56,233| 28-Dec-2016| 04:30 \ninstallsqlstate.sql| | 54,427| 28-Dec-2016| 04:30 \nmicrosoft.common.overridetasks| | 6,297| 04-Jun-2015| 23:02 \nmicrosoft.data.entity.targets| | 6,501| 04-Jun-2015| 23:02 \nmicrosoft.workflowbuildextensions.targets| | 7,537| 27-Jul-2018| 07:23 \nmicrosoft.xaml.targets| | 19,848| 04-Jun-2015| 23:02 \nmmcaspext.dll| 4.0.30319.36366| 107,176| 11-Aug-2016| 13:22 \nmicrosoft.common.targets| | 262,547| 04-Jun-2015| 23:02 \nmicrosoft.csharp.targets| | 23,618| 04-Jun-2015| 23:02 \nmicrosoft.netframework.props| | 11,957| 04-Jun-2015| 23:02 \nmicrosoft.netframework.targets| | 8,183| 04-Jun-2015| 23:02 \nmicrosoft.visualbasic.targets| | 23,329| 04-Jun-2015| 23:02 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 24-Jul-2018| 15:10 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 24-Jul-2018| 15:10 \nmscoreei.dll| 4.0.30319.36366| 516,256| 11-Aug-2016| 13:22 \nmscorrc.dll| 4.0.30319.36366| 395,936| 11-Aug-2016| 13:22 \nmscorsvc.dll| 4.0.30319.36366| 414,880| 11-Aug-2016| 13:22 \nmscorsvw.exe| 4.0.30319.36366| 103,600| 22-Aug-2016| 13:09 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 24-Jul-2018| 15:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 24-Jul-2018| 15:10 \nngen.exe| 4.0.30319.36366| 140,944| 22-Aug-2016| 13:09 \npenimc.dll| 4.0.30319.36393| 81,560| 06-Apr-2017| 20:26 \npeverify.dll| 4.0.30319.36460| 163,968| 24-Jul-2018| 15:10 \npresentationhost_v0400.dll| 4.0.30319.36393| 186,072| 06-Apr-2017| 20:26 \npresentationnative_v0400.dll| 4.0.30319.36393| 790,240| 06-Apr-2017| 20:26 \nservicemonikersupport.dll| 4.0.30319.36450| 28,360| 08-Jun-2018| 16:05 \nsos.dll| 4.0.30319.36460| 762,472| 24-Jul-2018| 15:10 \nsystem.addin.dll| 4.0.30319.36366| 163,504| 11-Aug-2016| 13:22 \nsystem.core.dll| 4.0.30319.36393| 1,271,968| 06-Apr-2017| 20:26 \nsystem.data.entity.dll| 4.0.30319.36366| 4,099,272| 11-Aug-2016| 13:22 \nsystem.data.linq.dll| 4.0.30319.36366| 698,568| 11-Aug-2016| 13:22 \nsystem.net.dll| 4.0.30319.36366| 259,736| 11-Aug-2016| 13:22 \nsystem.web.extensions.dll| 4.0.30319.36430| 1,859,280| 12-Dec-2017| 19:05 \nvbc.rsp| | 1,467| 04-Jun-2015| 23:03 \nvbc.exe| 12.0.52366.36366| 2,459,280| 11-Aug-2016| 13:22 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.0.30319.36460| 5,219,968| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 47,076| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 40,566| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 67,808| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 61,718| 21-Nov-2017| 07:23 \naspnet_perf.h| | 7,177| 02-Jun-2012| 14:32 \naspnet_perf2.ini| | 995,534| 02-Jun-2012| 14:32 \naspnet_perf2_d.ini| | 31| 02-Jun-2012| 14:33 \naspnet_state_perf.h| | 318| 02-Jun-2012| 14:33 \naspnet_state_perf.ini| | 42,996| 02-Jun-2012| 14:33 \naspnet_state_perf_d.ini| | 36| 02-Jun-2012| 14:33 \naspnet_counters.dll| 4.0.30319.36366| 29,888| 11-Aug-2016| 13:22 \naspnet_filter.dll| 4.0.30319.36366| 37,560| 11-Aug-2016| 13:22 \naspnet_isapi.dll| 4.0.30319.36366| 25,776| 11-Aug-2016| 13:22 \naspnet_perf.dll| 4.0.30319.36430| 45,208| 12-Dec-2017| 19:06 \naspnet_rc.dll| 4.0.30319.36366| 90,280| 11-Aug-2016| 13:22 \naspnet_regiis.exe| 4.0.30319.36366| 43,704| 11-Aug-2016| 13:22 \naspnet_state.exe| 4.0.30319.36366| 50,864| 11-Aug-2016| 13:22 \naspnet_state_perf.h| | 318| 15-Nov-2017| 00:49 \naspnet_state_perf.ini| | 42,996| 15-Nov-2017| 00:49 \naspnet_wp.exe| 4.0.30319.36430| 47,712| 12-Dec-2017| 19:06 \nblackberry.browser| | 2,389| 04-Jun-2015| 22:53 \nchrome.browser| | 2,107| 04-Jun-2015| 22:53 \ndefault.browser| | 11,568| 04-Jun-2015| 22:53 \nfirefox.browser| | 2,336| 04-Jun-2015| 22:53 \ngateway.browser| | 5,630| 04-Jun-2015| 22:53 \ngeneric.browser| | 5,569| 04-Jun-2015| 22:53 \nie.browser| | 5,166| 04-Jun-2015| 22:53 \niemobile.browser| | 4,045| 04-Jun-2015| 22:53 \niphone.browser| | 1,759| 04-Jun-2015| 22:53 \nopera.browser| | 5,248| 04-Jun-2015| 22:53 \nsafari.browser| | 3,560| 04-Jun-2015| 22:53 \nucbrowser.browser| | 1,725| 04-Jun-2015| 22:53 \nclr-etw.man| | 303,557| 04-Jun-2015| 22:53 \nclretwrc.dll| 4.0.30319.36366| 228,008| 11-Aug-2016| 13:22 \nclrjit.dll| 4.0.30319.36460| 1,234,552| 24-Jul-2018| 15:10 \nclr.dll| 4.0.30319.36460| 10,070,120| 24-Jul-2018| 15:10 \ncorperfmonext.dll| 4.0.30319.36366| 153,784| 11-Aug-2016| 13:22 \ncsc.rsp| | 1,329| 04-Jun-2015| 22:53 \ncsc.exe| 4.0.30319.36366| 2,637,456| 11-Aug-2016| 13:22 \ncsc.exe.config| | 182| 04-Jun-2015| 22:53 \nculture.dll| 4.0.30319.36366| 63,648| 22-Aug-2016| 13:10 \nlocale.nlp| | 419,632| 22-Aug-2015| 13:09 \ndfdll.dll| 4.0.30319.36366| 165,528| 11-Aug-2016| 13:22 \ninstallpersistsqlstate.sql| | 54,647| 04-Jun-2015| 22:53 \ninstallsqlstatetemplate.sql| | 56,233| 04-Jun-2015| 22:53 \ninstallsqlstate.sql| | 54,427| 04-Jun-2015| 22:53 \nmicrosoft.build.tasks.v4.0.dll| 4.0.30319.36366| 1,191,144| 11-Aug-2016| 13:22 \nmicrosoft.build.dll| 4.0.30319.36366| 1,448,128| 11-Aug-2016| 13:22 \nmicrosoft.common.overridetasks| | 6,297| 04-Jun-2015| 22:53 \nmicrosoft.data.entity.targets| | 6,501| 04-Jun-2015| 22:53 \nmicrosoft.workflowbuildextensions.targets| | 7,537| 27-Jul-2018| 07:24 \nmicrosoft.xaml.targets| | 19,848| 04-Jun-2015| 22:53 \nmmcaspext.dll| 4.0.30319.36366| 113,320| 11-Aug-2016| 13:22 \nmicrosoft.common.targets| | 262,547| 04-Jun-2015| 22:53 \nmicrosoft.csharp.targets| | 23,618| 04-Jun-2015| 22:53 \nmicrosoft.netframework.props| | 11,957| 04-Jun-2015| 22:53 \nmicrosoft.netframework.targets| | 8,183| 04-Jun-2015| 22:53 \nmicrosoft.visualbasic.targets| | 23,329| 04-Jun-2015| 22:53 \nmscordacwks.dll| 4.0.30319.36460| 1,731,208| 24-Jul-2018| 15:10 \nmscordbi.dll| 4.0.30319.36460| 1,533,568| 24-Jul-2018| 15:10 \nmscoreei.dll| 4.0.30319.36366| 636,064| 11-Aug-2016| 13:22 \nmscorrc.dll| 4.0.30319.36366| 395,936| 11-Aug-2016| 13:22 \nmscorsvc.dll| 4.0.30319.36366| 523,424| 11-Aug-2016| 13:22 \nmscorsvw.exe| 4.0.30319.36366| 124,088| 22-Aug-2016| 13:10 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 678,584| 24-Jul-2018| 15:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 869,536| 24-Jul-2018| 15:10 \nngen.exe| 4.0.30319.36366| 171,152| 22-Aug-2016| 13:10 \npenimc.dll| 4.0.30319.36393| 94,872| 06-Apr-2017| 20:26 \npeverify.dll| 4.0.30319.36460| 225,920| 24-Jul-2018| 15:10 \npresentationframework.aero2.dll| 4.0.30319.36366| 256,912| 11-Aug-2016| 13:22 \npresentationframework.aerolite.dll| 4.0.30319.36366| 177,560| 11-Aug-2016| 13:22 \npresentationframework.dll| 4.0.30319.36393| 6,221,680| 06-Apr-2017| 20:26 \npresentationhost_v0400.dll| 4.0.30319.36393| 232,152| 06-Apr-2017| 20:26 \npresentationnative_v0400.dll| 4.0.30319.36393| 1,077,984| 06-Apr-2017| 20:26 \nreachframework.dll| 4.0.30319.36366| 595,280| 11-Aug-2016| 13:22 \nservicemonikersupport.dll| 4.0.30319.36450| 28,872| 08-Jun-2018| 16:05 \nsmdiagnostics.dll| 4.0.30319.36450| 73,328| 08-Jun-2018| 16:05 \nsos.dll| 4.0.30319.36460| 822,888| 24-Jul-2018| 15:10 \nsystem.activities.core.presentation.dll| 4.0.30319.36366| 718,256| 27-Jul-2018| 07:24 \nsystem.activities.presentation.dll| 4.0.30319.36366| 2,140,576| 11-Aug-2016| 13:22 \nsystem.activities.dll| 4.0.30319.36450| 1,582,704| 08-Jun-2018| 16:05 \nsystem.addin.dll| 4.0.30319.36366| 163,504| 11-Aug-2016| 13:22 \nsystem.componentmodel.composition.dll| 4.0.30319.36366| 312,096| 27-Jul-2018| 07:24 \nsystem.configuration.dll| 4.0.30319.36366| 402,640| 11-Aug-2016| 13:22 \nsystem.core.dll| 4.0.30319.36393| 1,271,968| 06-Apr-2017| 20:26 \nsystem.data.entity.dll| 4.0.30319.36366| 4,099,272| 11-Aug-2016| 13:22 \nsystem.data.linq.dll| 4.0.30319.36366| 698,568| 11-Aug-2016| 13:22 \nsystem.data.sqlxml.dll| 4.0.30319.36427| 752,320| 01-Dec-2017| 13:13 \nsystem.deployment.dll| 4.0.30319.36366| 853,696| 11-Aug-2016| 13:22 \nsystem.design.dll| 4.0.30319.36366| 5,056,176| 11-Aug-2016| 13:22 \nsystem.directoryservices.accountmanagement.dll| 4.0.30319.36366| 297,776| 27-Jul-2018| 07:24 \nsystem.directoryservices.protocols.dll| 4.0.30319.36366| 203,048| 27-Jul-2018| 07:24 \nsystem.directoryservices.dll| 4.0.30319.36366| 425,704| 11-Aug-2016| 13:22 \nsystem.drawing.design.dll| 4.0.30319.36366| 113,880| 11-Aug-2016| 13:22 \nsystem.drawing.dll| 4.0.30319.36366| 598,704| 11-Aug-2016| 13:22 \nsystem.identitymodel.services.dll| 4.0.30319.36450| 199,912| 08-Jun-2018| 16:05 \nsystem.identitymodel.dll| 4.0.30319.36450| 1,093,784| 08-Jun-2018| 16:05 \nsystem.io.compression.dll| 4.0.30319.36366| 71,904| 11-Aug-2016| 13:22 \nsystem.management.dll| 4.0.30319.36403| 417,472| 09-Jun-2017| 13:10 \nsystem.messaging.dll| 4.0.30319.36366| 275,640| 11-Aug-2016| 13:22 \nsystem.net.dll| 4.0.30319.36366| 259,736| 11-Aug-2016| 13:22 \nsystem.numerics.dll| 4.0.30319.36366| 86,192| 11-Aug-2016| 13:22 \nsystem.runtime.caching.dll| 4.0.30319.36393| 109,272| 06-Apr-2017| 20:26 \nsystem.runtime.remoting.dll| 4.0.30319.36415| 348,904| 31-Aug-2017| 13:09 \nsystem.runtime.serialization.dll| 4.0.30319.36450| 1,060,008| 08-Jun-2018| 16:05 \nsystem.runtime.windowsruntime.dll| 4.0.30319.36366| 152,328| 11-Aug-2016| 13:22 \nsystem.runtime.dll| 4.0.30319.36366| 36,536| 11-Aug-2016| 13:22 \nsystem.security.dll| 4.0.30319.36440| 301,648| 27-Mar-2018| 17:37 \nsystem.servicemodel.activation.dll| 4.0.30319.36366| 204,184| 11-Aug-2016| 13:22 \nsystem.servicemodel.channels.dll| 4.0.30319.36450| 159,624| 08-Jun-2018| 16:05 \nsystem.servicemodel.discovery.dll| 4.0.30319.36450| 312,712| 08-Jun-2018| 16:05 \nsystem.servicemodel.internals.dll| 4.0.30319.36450| 254,648| 08-Jun-2018| 16:05 \nsystem.servicemodel.routing.dll| 4.0.30319.36366| 132,496| 11-Aug-2016| 13:22 \nsystem.servicemodel.washosting.dll| 4.0.30319.36450| 39,664| 08-Jun-2018| 16:05 \nsystem.servicemodel.web.dll| 4.0.30319.36366| 332,520| 11-Aug-2016| 13:22 \nsystem.servicemodel.dll| 4.0.30319.36450| 6,386,832| 08-Jun-2018| 16:05 \nsystem.serviceprocess.dll| 4.0.30319.36366| 134,872| 11-Aug-2016| 13:22 \nsystem.threading.timer.dll| 4.0.30319.36366| 29,400| 11-Aug-2016| 13:22 \nsystem.web.applicationservices.dll| 4.0.30319.36430| 71,424| 12-Dec-2017| 19:06 \nsystem.web.extensions.dll| 4.0.30319.36430| 1,859,280| 12-Dec-2017| 19:06 \nsystem.web.mobile.dll| 4.0.30319.36366| 839,880| 11-Aug-2016| 13:22 \nsystem.web.services.dll| 4.0.30319.36366| 858,312| 11-Aug-2016| 13:22 \nsystem.windows.controls.ribbon.dll| 4.0.30319.36393| 751,512| 06-Apr-2017| 20:26 \nsystem.windows.forms.dll| 4.0.30319.36366| 4,859,608| 11-Aug-2016| 13:22 \nsystem.workflow.activities.dll| 4.0.30319.36450| 1,068,416| 08-Jun-2018| 16:05 \nsystem.workflow.componentmodel.dll| 4.0.30319.36450| 1,560,464| 08-Jun-2018| 16:05 \nsystem.workflow.runtime.dll| 4.0.30319.36450| 503,664| 08-Jun-2018| 16:05 \nsystem.xaml.dll| 4.0.30319.36393| 640,672| 06-Apr-2017| 20:26 \nsystem.xml.dll| 4.0.30319.36427| 2,705,040| 01-Dec-2017| 13:13 \nsystem.dll| 4.0.30319.36455| 3,488,792| 13-Jul-2018| 02:55 \nvbc.rsp| | 1,467| 04-Jun-2015| 22:54 \nvbc.exe| 12.0.52366.36366| 3,546,256| 11-Aug-2016| 13:22 \nvbc.exe.config| | 182| 04-Jun-2015| 22:54 \nwebengine4.dll| 4.0.30319.36430| 621,200| 12-Dec-2017| 19:06 \nwebengine.dll| 4.0.30319.36430| 26,768| 12-Dec-2017| 19:06 \nwindowsbase.dll| 4.0.30319.36393| 1,241,928| 06-Apr-2017| 20:26 \nwindowsformsintegration.dll| 4.0.30319.36366| 102,784| 11-Aug-2016| 13:22 \nwminet_utils.dll| 4.0.30319.36403| 174,256| 09-Jun-2017| 13:10 \nworkflowservicehostperformancecounters.dll| 4.0.30319.36450| 84,776| 27-Jul-2018| 07:24 \nwpfgfx_v0400.dll| 4.0.30319.36393| 2,108,592| 06-Apr-2017| 20:26 \nxamlbuildtask.dll| 4.0.30319.36366| 133,968| 11-Aug-2016| 13:22 \npresentationcore.dll| 4.0.30319.36393| 3,210,944| 06-Apr-2017| 20:26 \nsystem.data.dll| 4.0.30319.36393| 3,238,064| 06-Apr-2017| 20:26 \nsystem.printing.dll| 4.0.30319.36366| 342,720| 11-Aug-2016| 13:22 \nsystem.transactions.dll| 4.0.30319.36366| 292,560| 11-Aug-2016| 13:22 \nsystem.web.dll| 4.0.30319.36430| 5,458,064| 12-Dec-2017| 19:06 \nmicrosoft.build.tasks.v4.0.dll| 4.0.30319.36366| 1,191,144| 11-Aug-2016| 13:22 \nmicrosoft.build.dll| 4.0.30319.36366| 1,448,128| 11-Aug-2016| 13:22 \npresentationframework.aero2.dll| 4.0.30319.36366| 256,912| 11-Aug-2016| 13:22 \npresentationframework.aerolite.dll| 4.0.30319.36366| 177,560| 11-Aug-2016| 13:22 \npresentationframework.dll| 4.0.30319.36393| 6,221,680| 06-Apr-2017| 20:26 \nreachframework.dll| 4.0.30319.36366| 595,280| 11-Aug-2016| 13:22 \nsmdiagnostics.dll| 4.0.30319.36450| 73,328| 08-Jun-2018| 16:05 \nsystem.activities.core.presentation.dll| 4.0.30319.36366| 718,256| 11-Aug-2016| 13:22 \nsystem.activities.presentation.dll| 4.0.30319.36366| 2,140,576| 11-Aug-2016| 13:22 \nsystem.activities.dll| 4.0.30319.36450| 1,582,704| 08-Jun-2018| 16:05 \nsystem.addin.dll| 4.0.30319.36366| 163,504| 11-Aug-2016| 13:22 \nsystem.componentmodel.composition.dll| 4.0.30319.36366| 312,096| 11-Aug-2016| 13:22 \nsystem.configuration.dll| 4.0.30319.36366| 402,640| 11-Aug-2016| 13:22 \nsystem.core.dll| 4.0.30319.36393| 1,271,968| 06-Apr-2017| 20:26 \nsystem.data.entity.dll| 4.0.30319.36366| 4,099,272| 11-Aug-2016| 13:22 \nsystem.data.linq.dll| 4.0.30319.36366| 698,568| 11-Aug-2016| 13:22 \nsystem.data.sqlxml.dll| 4.0.30319.36427| 752,320| 01-Dec-2017| 13:05 \nsystem.deployment.dll| 4.0.30319.36366| 853,696| 11-Aug-2016| 13:22 \nsystem.design.dll| 4.0.30319.36366| 5,056,176| 11-Aug-2016| 13:22 \nsystem.directoryservices.accountmanagement.dll| 4.0.30319.36366| 297,776| 27-Jul-2018| 07:24 \nsystem.directoryservices.protocols.dll| 4.0.30319.36366| 203,048| 11-Aug-2016| 13:22 \nsystem.directoryservices.dll| 4.0.30319.36366| 425,704| 11-Aug-2016| 13:22 \nsystem.drawing.design.dll| 4.0.30319.36366| 113,880| 11-Aug-2016| 13:22 \nsystem.drawing.dll| 4.0.30319.36366| 598,704| 11-Aug-2016| 13:22 \nsystem.identitymodel.services.dll| 4.0.30319.36450| 199,912| 08-Jun-2018| 16:05 \nsystem.identitymodel.dll| 4.0.30319.36450| 1,093,784| 08-Jun-2018| 16:05 \nsystem.io.compression.dll| 4.0.30319.36366| 71,904| 11-Aug-2016| 13:22 \nsystem.management.dll| 4.0.30319.36403| 417,472| 09-Jun-2017| 13:10 \nsystem.messaging.dll| 4.0.30319.36366| 275,640| 11-Aug-2016| 13:22 \nsystem.net.dll| 4.0.30319.36366| 259,736| 11-Aug-2016| 13:22 \nsystem.numerics.dll| 4.0.30319.36366| 86,192| 11-Aug-2016| 13:22 \nsystem.runtime.caching.dll| 4.0.30319.36393| 109,272| 06-Apr-2017| 20:26 \nsystem.runtime.remoting.dll| 4.0.30319.36415| 348,904| 31-Aug-2017| 13:08 \nsystem.runtime.serialization.dll| 4.0.30319.36450| 1,060,008| 08-Jun-2018| 16:05 \nsystem.runtime.windowsruntime.dll| 4.0.30319.36366| 152,328| 11-Aug-2016| 13:22 \nsystem.runtime.dll| 4.0.30319.36366| 36,536| 11-Aug-2016| 13:22 \nsystem.security.dll| 4.0.30319.36440| 301,648| 27-Mar-2018| 17:37 \nsystem.servicemodel.activation.dll| 4.0.30319.36366| 204,184| 11-Aug-2016| 13:22 \nsystem.servicemodel.channels.dll| 4.0.30319.36450| 159,624| 08-Jun-2018| 16:05 \nsystem.servicemodel.discovery.dll| 4.0.30319.36450| 312,712| 08-Jun-2018| 16:05 \nsystem.servicemodel.internals.dll| 4.0.30319.36450| 254,648| 08-Jun-2018| 16:05 \nsystem.servicemodel.routing.dll| 4.0.30319.36366| 132,496| 11-Aug-2016| 13:22 \nsystem.servicemodel.washosting.dll| 4.0.30319.36450| 39,664| 08-Jun-2018| 16:05 \nsystem.servicemodel.web.dll| 4.0.30319.36366| 332,520| 11-Aug-2016| 13:22 \nsystem.servicemodel.dll| 4.0.30319.36450| 6,386,832| 08-Jun-2018| 16:05 \nsystem.serviceprocess.dll| 4.0.30319.36366| 134,872| 11-Aug-2016| 13:22 \nsystem.threading.timer.dll| 4.0.30319.36366| 29,400| 11-Aug-2016| 13:22 \nsystem.web.applicationservices.dll| 4.0.30319.36430| 71,424| 12-Dec-2017| 19:05 \nsystem.web.extensions.dll| 4.0.30319.36430| 1,859,280| 12-Dec-2017| 19:05 \nsystem.web.mobile.dll| 4.0.30319.36366| 839,880| 11-Aug-2016| 13:22 \nsystem.web.services.dll| 4.0.30319.36366| 858,312| 11-Aug-2016| 13:22 \nsystem.windows.controls.ribbon.dll| 4.0.30319.36393| 751,512| 06-Apr-2017| 20:26 \nsystem.windows.forms.dll| 4.0.30319.36366| 4,859,608| 11-Aug-2016| 13:22 \nsystem.workflow.activities.dll| 4.0.30319.36450| 1,068,416| 08-Jun-2018| 16:05 \nsystem.workflow.componentmodel.dll| 4.0.30319.36450| 1,560,464| 08-Jun-2018| 16:05 \nsystem.workflow.runtime.dll| 4.0.30319.36450| 503,664| 08-Jun-2018| 16:05 \nsystem.xaml.dll| 4.0.30319.36393| 640,672| 06-Apr-2017| 20:26 \nsystem.xml.dll| 4.0.30319.36427| 2,705,040| 01-Dec-2017| 13:05 \nsystem.dll| 4.0.30319.36455| 3,488,792| 13-Jul-2018| 02:54 \nwindowsbase.dll| 4.0.30319.36393| 1,241,928| 06-Apr-2017| 20:26 \nwindowsformsintegration.dll| 4.0.30319.36366| 102,784| 11-Aug-2016| 13:22 \nxamlbuildtask.dll| 4.0.30319.36366| 133,968| 11-Aug-2016| 13:22 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 47,076| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 40,566| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 67,808| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 61,718| 21-Nov-2017| 07:23 \naspnet_counters.dll| 4.0.30319.36366| 28,352| 11-Aug-2016| 13:22 \naspnet_filter.dll| 4.0.30319.36366| 34,488| 11-Aug-2016| 13:22 \naspnet_isapi.dll| 4.0.30319.36366| 24,752| 11-Aug-2016| 13:22 \naspnet_perf.dll| 4.0.30319.36430| 41,616| 12-Dec-2017| 19:05 \naspnet_rc.dll| 4.0.30319.36366| 90,280| 11-Aug-2016| 13:22 \naspnet_regiis.exe| 4.0.30319.36366| 41,136| 11-Aug-2016| 13:22 \naspnet_state.exe| 4.0.30319.36366| 45,744| 11-Aug-2016| 13:22 \naspnet_state_perf.h| | 318| 15-Nov-2017| 00:50 \naspnet_state_perf.ini| | 42,996| 15-Nov-2017| 00:50 \naspnet_wp.exe| 4.0.30319.36430| 43,104| 12-Dec-2017| 19:05 \nblackberry.browser| | 2,389| 04-Jun-2015| 23:02 \nchrome.browser| | 2,107| 04-Jun-2015| 23:02 \ndefault.browser| | 11,568| 04-Jun-2015| 23:02 \nfirefox.browser| | 2,336| 04-Jun-2015| 23:02 \ngateway.browser| | 5,630| 04-Jun-2015| 23:02 \ngeneric.browser| | 5,569| 04-Jun-2015| 23:02 \nie.browser| | 5,166| 04-Jun-2015| 23:02 \niemobile.browser| | 4,045| 04-Jun-2015| 23:02 \niphone.browser| | 1,759| 04-Jun-2015| 23:02 \nopera.browser| | 5,248| 04-Jun-2015| 23:02 \nsafari.browser| | 3,560| 04-Jun-2015| 23:02 \nucbrowser.browser| | 1,725| 04-Jun-2015| 23:02 \nclr-etw.man| | 303,549| 28-Dec-2016| 04:30 \nclretwrc.dll| 4.0.30319.36366| 228,008| 28-Dec-2016| 04:30 \nclrjit.dll| 4.0.30319.36460| 510,464| 24-Jul-2018| 15:10 \nclr.dll| 4.0.30319.36460| 6,939,640| 24-Jul-2018| 15:10 \ncorperfmonext.dll| 4.0.30319.36366| 127,672| 11-Aug-2016| 13:22 \ncsc.rsp| | 1,329| 04-Jun-2015| 23:02 \ncsc.exe| 4.0.30319.36366| 1,853,072| 11-Aug-2016| 13:22 \ncsc.exe.config| | 182| 04-Jun-2015| 23:02 \nculture.dll| 4.0.30319.36366| 54,432| 22-Aug-2016| 13:09 \nlocale.nlp| | 419,632| 22-Aug-2015| 13:09 \ndfdll.dll| 4.0.30319.36366| 141,976| 11-Aug-2016| 13:22 \ninstallpersistsqlstate.sql| | 54,647| 28-Dec-2016| 04:30 \ninstallsqlstatetemplate.sql| | 56,233| 28-Dec-2016| 04:30 \ninstallsqlstate.sql| | 54,427| 28-Dec-2016| 04:30 \nmicrosoft.common.overridetasks| | 6,297| 04-Jun-2015| 23:02 \nmicrosoft.data.entity.targets| | 6,501| 04-Jun-2015| 23:02 \nmicrosoft.workflowbuildextensions.targets| | 7,537| 27-Jul-2018| 07:24 \nmicrosoft.xaml.targets| | 19,848| 04-Jun-2015| 23:02 \nmmcaspext.dll| 4.0.30319.36366| 107,176| 11-Aug-2016| 13:22 \nmicrosoft.common.targets| | 262,547| 04-Jun-2015| 23:02 \nmicrosoft.csharp.targets| | 23,618| 04-Jun-2015| 23:02 \nmicrosoft.netframework.props| | 11,957| 04-Jun-2015| 23:02 \nmicrosoft.netframework.targets| | 8,183| 04-Jun-2015| 23:02 \nmicrosoft.visualbasic.targets| | 23,329| 04-Jun-2015| 23:02 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 24-Jul-2018| 15:10 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 24-Jul-2018| 15:10 \nmscoreei.dll| 4.0.30319.36366| 516,256| 11-Aug-2016| 13:22 \nmscorrc.dll| 4.0.30319.36366| 395,936| 11-Aug-2016| 13:22 \nmscorsvc.dll| 4.0.30319.36366| 414,880| 11-Aug-2016| 13:22 \nmscorsvw.exe| 4.0.30319.36366| 103,600| 22-Aug-2016| 13:09 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 24-Jul-2018| 15:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 24-Jul-2018| 15:10 \nngen.exe| 4.0.30319.36366| 140,944| 22-Aug-2016| 13:09 \npenimc.dll| 4.0.30319.36393| 81,560| 06-Apr-2017| 20:26 \npeverify.dll| 4.0.30319.36460| 163,968| 24-Jul-2018| 15:10 \npresentationhost_v0400.dll| 4.0.30319.36393| 186,072| 06-Apr-2017| 20:26 \npresentationnative_v0400.dll| 4.0.30319.36393| 790,240| 06-Apr-2017| 20:26 \nservicemonikersupport.dll| 4.0.30319.36450| 28,360| 08-Jun-2018| 16:05 \nsos.dll| 4.0.30319.36460| 762,472| 24-Jul-2018| 15:10 \nsystem.addin.dll| 4.0.30319.36366| 163,504| 11-Aug-2016| 13:22 \nsystem.core.dll| 4.0.30319.36393| 1,271,968| 06-Apr-2017| 20:26 \nsystem.data.entity.dll| 4.0.30319.36366| 4,099,272| 11-Aug-2016| 13:22 \nsystem.data.linq.dll| 4.0.30319.36366| 698,568| 11-Aug-2016| 13:22 \nsystem.net.dll| 4.0.30319.36366| 259,736| 11-Aug-2016| 13:22 \nsystem.web.extensions.dll| 4.0.30319.36430| 1,859,280| 12-Dec-2017| 19:05 \nvbc.rsp| | 1,467| 04-Jun-2015| 23:03 \nvbc.exe| 12.0.52366.36366| 2,459,280| 11-Aug-2016| 13:22 \nvbc.exe.config| | 182| 04-Jun-2015| 23:03 \nwebengine4.dll| 4.0.30319.36430| 509,584| 12-Dec-2017| 19:05 \nwebengine.dll| 4.0.30319.36430| 24,720| 12-Dec-2017| 19:05 \nwminet_utils.dll| 4.0.30319.36403| 126,128| 09-Jun-2017| 13:10 \nworkflowservicehostperformancecounters.dll| 4.0.30319.36450| 75,536| 27-Jul-2018| 07:24 \nwpfgfx_v0400.dll| 4.0.30319.36393| 1,648,304| 06-Apr-2017| 20:26 \npresentationcore.dll| 4.0.30319.36393| 3,226,976| 06-Apr-2017| 20:26 \nsystem.data.dll| 4.0.30319.36393| 3,209,392| 06-Apr-2017| 20:26 \nsystem.printing.dll| 4.0.30319.36366| 343,384| 11-Aug-2016| 13:22 \nsystem.transactions.dll| 4.0.30319.36366| 289,488| 11-Aug-2016| 13:22 \nsystem.web.dll| 4.0.30319.36430| 5,464,208| 12-Dec-2017| 19:05 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344148)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344148", "href": "https://support.microsoft.com/en-us/help/4344148", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:35:30", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see </span></span></span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/4019990\" target=\"_blank\">KB 4019990</a><span><span><span>.</span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344175\" managed-link=\"\" target=\"_blank\">4344175</a> Description of the Security Only update for .NET Framework 3.5 for Windows Server 2012 (KB 4344175)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344172\" managed-link=\"\" target=\"_blank\">4344172</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344172)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344165\" managed-link=\"\" target=\"_blank\">4344165</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344165)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:07:55", "type": "mskb", "title": "Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4345680)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:07:55", "id": "KB4345680", "href": "https://support.microsoft.com/en-us/help/4345680/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:33", "description": "None\n## Summary\n\nThis update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update [2919355](<https://support.microsoft.com/en-us/help/2919355>) to be installed. We recommend that you install update [2919355](<https://support.microsoft.com/en-us/help/2919355>) on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2, see the following article in the Microsoft Knowledge Base:[4345592](<https://support.microsoft.com/help/4345592>) Security and Quality Rollup updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4345592)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345592** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [4340558](<https://support.microsoft.com/help/4340558>) and [4291497](<https://support.microsoft.com/help/4291497>). \n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4344147-x64.msu| 73CD95E3B2697458001FDA69AEBB8891DDCAC168| DE42CB0B14093C8C04F63298B7FFD395CE4A0A1B810A3D89D941285000FC9401 \nWindows8.1-KB4344147-x86.msu| 67EBC9C75D9E080DD0A8D05B79D9B54256006DD2| 5568FCFFBC84A67A3D7DB7A18A66C51C2A5D0BBF7DE38B3D66CC338AFEEE4885 \n \n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 15:10 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB 4344147)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344147", "href": "https://support.microsoft.com/en-us/help/4344147", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:45", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update [2919355](<https://support.microsoft.com/en-us/help/2919355>) to be installed. We recommend that you install update [2919355](<https://support.microsoft.com/en-us/help/2919355>) on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2, see the following article in the Microsoft Knowledge Base:[4345681](<https://support.microsoft.com/help/4345681>) Security Only updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4345681)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345681>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345681** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update does not replace any previously released update.\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4344171-arm.msu| 824446FC5239CED92236DA038DAB7518F4DB383E| F4F06A591AA8B7E1F44AFAFA078F62DA15BE632C5022B1901A128CDCAFAADAA6 \nWindows8.1-KB4344171-x64.msu| 09D8F42F5CD522E04ED17EDBCB65BE101F00577A| A547E0271E71F64D81F4D93F19C624DCA7DFE2E0FAF7B947FC482C78AAC04B75 \nWindows8.1-KB4344171-x86.msu| 992B183C68B90ABFC32338D64D1876DE0ADEAFCB| 72A8F27E6CCABEFA8C35BDF2940AB8BB7345CD668AF382D437C7500E4758D918 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 4.0.30319.36455| 3,488,792| 12-Jul-2018| 13:11 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 24-Jul-2018| 13:10 \nnormidna.nlp| | 59,342| 07-Nov-2017| 17:51 \nnormnfc.nlp| | 47,076| 07-Nov-2017| 17:51 \nnormnfd.nlp| | 40,566| 07-Nov-2017| 17:51 \nnormnfkc.nlp| | 67,808| 07-Nov-2017| 17:51 \nnormnfkd.nlp| | 61,718| 07-Nov-2017| 17:51 \nclrjit.dll| 4.0.30319.36460| 510,464| 24-Jul-2018| 13:10 \nclr.dll| 4.0.30319.36460| 6,939,640| 24-Jul-2018| 13:10 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 24-Jul-2018| 13:10 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 24-Jul-2018| 13:10 \nmscorlib.ni.dll| 4.0.30319.36460| 17,234,888| 24-Jul-2018| 13:10 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 24-Jul-2018| 13:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 24-Jul-2018| 13:10 \npeverify.dll| 4.0.30319.36460| 163,968| 24-Jul-2018| 13:10 \nsos.dll| 4.0.30319.36460| 762,472| 24-Jul-2018| 13:10 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.0.30319.36460| 5,219,968| 24-Jul-2018| 13:11 \nnormidna.nlp| | 59,342| 26-Oct-2017| 16:05 \nnormnfc.nlp| | 47,076| 26-Oct-2017| 16:05 \nnormnfd.nlp| | 40,566| 26-Oct-2017| 16:05 \nnormnfkc.nlp| | 67,808| 26-Oct-2017| 16:05 \nnormnfkd.nlp| | 61,718| 26-Oct-2017| 16:05 \nclrjit.dll| 4.0.30319.36460| 1,234,552| 24-Jul-2018| 13:11 \nclr.dll| 4.0.30319.36460| 10,070,120| 24-Jul-2018| 13:11 \nmscordacwks.dll| 4.0.30319.36460| 1,731,208| 24-Jul-2018| 13:11 \nmscordbi.dll| 4.0.30319.36460| 1,533,568| 24-Jul-2018| 13:11 \nmscorlib.ni.dll| 4.0.30319.36460| 22,687,296| 24-Jul-2018| 13:11 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 678,584| 24-Jul-2018| 13:11 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 869,536| 24-Jul-2018| 13:11 \npeverify.dll| 4.0.30319.36460| 225,920| 24-Jul-2018| 13:11 \nsos.dll| 4.0.30319.36460| 822,888| 24-Jul-2018| 13:11 \nsystem.dll| 4.0.30319.36455| 3,488,792| 12-Jul-2018| 13:13 \nsystem.dll| 4.0.30319.36455| 3,488,792| 12-Jul-2018| 13:11 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 24-Jul-2018| 13:10 \nnormidna.nlp| | 59,342| 07-Nov-2017| 17:51 \nnormnfc.nlp| | 47,076| 07-Nov-2017| 17:51 \nnormnfd.nlp| | 40,566| 07-Nov-2017| 17:51 \nnormnfkc.nlp| | 67,808| 07-Nov-2017| 17:51 \nnormnfkd.nlp| | 61,718| 07-Nov-2017| 17:51 \nclrjit.dll| 4.0.30319.36460| 510,464| 24-Jul-2018| 13:10 \nclr.dll| 4.0.30319.36460| 6,939,640| 24-Jul-2018| 13:10 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 24-Jul-2018| 13:10 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 24-Jul-2018| 13:10 \nmscorlib.ni.dll| 4.0.30319.36460| 17,234,888| 24-Jul-2018| 13:10 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 24-Jul-2018| 13:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 24-Jul-2018| 13:10 \npeverify.dll| 4.0.30319.36460| 163,968| 24-Jul-2018| 13:10 \nsos.dll| 4.0.30319.36460| 762,472| 24-Jul-2018| 13:10 \n**For all supported ARM-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.0.30319.36460| 5,270,184| 24-Jul-2018| 13:11 \nnormidna.nlp| | 59,342| 08-Nov-2017| 15:14 \nnormnfc.nlp| | 47,076| 08-Nov-2017| 15:14 \nnormnfd.nlp| | 40,566| 08-Nov-2017| 15:14 \nnormnfkc.nlp| | 67,808| 08-Nov-2017| 15:14 \nnormnfkd.nlp| | 61,718| 08-Nov-2017| 15:14 \nclrjit.dll| 4.0.30319.36460| 625,544| 24-Jul-2018| 13:11 \nclr.dll| 4.0.30319.36460| 7,099,800| 24-Jul-2018| 13:11 \nmscordacwks.dll| 4.0.30319.36460| 1,305,504| 24-Jul-2018| 13:11 \nmscordbi.dll| 4.0.30319.36460| 1,120,168| 24-Jul-2018| 13:11 \nmscorlib.ni.dll| 4.0.30319.36460| 17,567,416| 24-Jul-2018| 13:11 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 602,024| 24-Jul-2018| 13:11 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 634,288| 24-Jul-2018| 13:11 \nsos.dll| 4.0.30319.36460| 666,496| 24-Jul-2018| 13:11 \nsystem.dll| 4.0.30319.36455| 3,488,792| 12-Jul-2018| 13:11 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344171)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344171", "href": "https://support.microsoft.com/en-us/help/4344171", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:46", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:[4345679](<https://support.microsoft.com/help/4345679>) Security Only updates for .NET Framework 3.5.1, 4.5.2 and 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345679)For more information about this security update as it relates to Windows Server 2008 SP2, see the following article in the Microsoft Knowledge Base:[4345682](<https://support.microsoft.com/help/4345682>) Security Only updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2 and 4.6 for Windows Server 2008 SP2 (KB 4345682)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the Microsoft Update Catalog.\n\n * For Windows 7 SP1 and Windows Server 2008 R2 SP1, go to update [KB 4345679](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345679>).\n * For Windows Server 2008, go to update [KB 4345682](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345682>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345679** for Windows 7 SP1 and Windows Server 2008 R2 SP1 or type **4345682** for Windows Server 2008 SP2 in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces update [4020507](<https://support.microsoft.com/help/4020507>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nNDP45-KB4344173-x64.exe| DFE292179D0EC314BEFE2C9C1B72F1B8E40882F1| 518517C3823F4421CCA3DAAAEE8CE48AFA091F74C33D3512E0A3E06B5B592F44 \nNDP45-KB4344173-x86.exe| 15580CE80ECBE44BA48C1DDFDEA40D2FD4D8B915| C03D41FC29A61EB52178C226E5FE992C4A4F151FAE8511631DD713173AB9CDD3 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nclr.dll| 4.0.30319.36460| 6,939,640| 27-Jul-2018| 07:43 \nclrjit.dll| 4.0.30319.36460| 510,464| 27-Jul-2018| 07:43 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 27-Jul-2018| 07:43 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 27-Jul-2018| 07:43 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 27-Jul-2018| 07:43 \npeverify.dll| 4.0.30319.36460| 163,968| 27-Jul-2018| 07:44 \nSOS.dll| 4.0.30319.36460| 762,472| 27-Jul-2018| 07:43 \nSystem.dll| 4.0.30319.36460| 3,490,240| 27-Jul-2018| 07:43 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 27-Jul-2018| 07:43 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 27-Jul-2018| 07:43 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nclr.dll| 4.0.30319.36460| 10,070,120| 27-Jul-2018| 08:20 \nclr.dll| 4.0.30319.36460| 6,939,640| 27-Jul-2018| 07:43 \nclrjit.dll| 4.0.30319.36460| 1,234,552| 27-Jul-2018| 08:20 \nclrjit.dll| 4.0.30319.36460| 510,464| 27-Jul-2018| 07:43 \nmscordacwks.dll| 4.0.30319.36460| 1,731,208| 27-Jul-2018| 08:20 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 27-Jul-2018| 07:43 \nmscordbi.dll| 4.0.30319.36460| 1,533,568| 27-Jul-2018| 08:20 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 27-Jul-2018| 07:43 \nmscorlib.dll| 4.0.30319.36460| 5,219,968| 27-Jul-2018| 08:20 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 27-Jul-2018| 07:43 \npeverify.dll| 4.0.30319.36460| 225,920| 27-Jul-2018| 08:20 \npeverify.dll| 4.0.30319.36460| 163,968| 27-Jul-2018| 07:44 \nSOS.dll| 4.0.30319.36460| 822,888| 27-Jul-2018| 08:20 \nSOS.dll| 4.0.30319.36460| 762,472| 27-Jul-2018| 07:43 \nSystem.dll| 4.0.30319.36460| 3,490,240| 27-Jul-2018| 07:43 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 678,584| 27-Jul-2018| 08:20 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 27-Jul-2018| 07:43 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 869,536| 27-Jul-2018| 08:20 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 27-Jul-2018| 07:43 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 SP2 (KB 4344173)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344173", "href": "https://support.microsoft.com/en-us/help/4344173", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:43", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll update to be installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see [KB 4019990](<https://support.microsoft.com/en-us/help/4019990>) for Windows 7 SP1 and Windows Server 2008 R2 SP1. Or, see [KB 4019478](<https://support.microsoft.com/en-us/help/4019478>) for Windows Server 2008 SP2.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:[4345679](<https://support.microsoft.com/help/4345679>) Security Only updates for .NET Framework 3.5.1, 4.5.2 and 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345679)For more information about this security update as it relates to Windows Server 2008, see the following article in the Microsoft Knowledge Base:[4345682](<https://support.microsoft.com/help/4345682>) Security Only updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4345682)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the Microsoft Update Catalog.\n\n * For Windows 7 SP1 and Windows Server 2008 R2 SP1, go to update [KB 4345679](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345679>).\n * For Windows Server 2008, go to update [KB 4345682](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345682>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345679** for Windows 7 SP1 and Windows Server 2008 R2 SP1 or type **4345682** for Windows Server 2008 SP2 in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update does not replace any previously released update.\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nNDP46-KB4344167-x64.exe| ADC94283059DB5F102AA2180C73D8570F0EFC9C5| 604A497C1BFE532E19F821084391D48852D0E2FF94C62B25A913354B96949DC8 \nNDP46-KB4344167-x86.exe| 0D6D228F87DBA8CA0F37AA3B017B7DD590DE8EF0| 3963AB60A34362DFE20EAF85B0125395754FC33CC163B81190AEA17531A0C9EE \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nclr.dll| 4.7.3133.0| 7,249,400| 27-Jul-2018| 19:16 \nclrjit.dll| 4.7.3133.0| 524,288| 27-Jul-2018| 19:16 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 27-Jul-2018| 19:16 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 27-Jul-2018| 19:16 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 27-Jul-2018| 19:16 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 27-Jul-2018| 19:20 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 27-Jul-2018| 19:20 \npeverify.dll| 4.7.3133.0| 189,960| 27-Jul-2018| 19:16 \nSOS.dll| 4.7.3133.0| 744,952| 27-Jul-2018| 19:16 \nSystem.dll| 4.7.3151.0| 3,555,872| 27-Jul-2018| 19:19 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nclr.dll| 4.7.3133.0| 10,378,664| 27-Jul-2018| 19:16 \nclr.dll| 4.7.3133.0| 7,249,400| 27-Jul-2018| 19:16 \nclrjit.dll| 4.7.3133.0| 1,227,192| 27-Jul-2018| 19:16 \nclrjit.dll| 4.7.3133.0| 524,288| 27-Jul-2018| 19:16 \ncompatjit.dll| 4.7.3133.0| 1,262,528| 27-Jul-2018| 19:16 \nmscordacwks.dll| 4.7.3133.0| 1,843,656| 27-Jul-2018| 19:16 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 27-Jul-2018| 19:16 \nmscordbi.dll| 4.7.3133.0| 1,625,024| 27-Jul-2018| 19:16 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 27-Jul-2018| 19:16 \nmscorlib.dll| 4.7.3133.0| 5,420,992| 27-Jul-2018| 19:16 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 27-Jul-2018| 19:16 \nmsvcp120_clr0400.dll| 12.0.52519.0| 690,008| 27-Jul-2018| 19:35 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 27-Jul-2018| 19:20 \nmsvcr120_clr0400.dll| 12.0.52519.0| 993,632| 27-Jul-2018| 19:35 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 27-Jul-2018| 19:20 \npeverify.dll| 4.7.3133.0| 263,104| 27-Jul-2018| 19:16 \npeverify.dll| 4.7.3133.0| 189,960| 27-Jul-2018| 19:16 \nSOS.dll| 4.7.3133.0| 874,920| 27-Jul-2018| 19:16 \nSOS.dll| 4.7.3133.0| 744,952| 27-Jul-2018| 19:16 \nSystem.dll| 4.7.3151.0| 3,555,872| 27-Jul-2018| 19:19 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344167)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344167", "href": "https://support.microsoft.com/en-us/help/4344167", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:41", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update [2919355](<https://support.microsoft.com/en-us/help/2919355>) to be installed. We recommend that you install update [2919355](<https://support.microsoft.com/en-us/help/2919355>) on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2, see the following article in the Microsoft Knowledge Base:[4345681](<https://support.microsoft.com/help/4345681>) Security Only updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4345681)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345681>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345681** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update does not replace any previously released update.\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4344166-arm.msu| 1F381AD49A428705B13FC2B3F552427E340311CE| A7A495B4140102808FFC58CD2194F1B2B5FCBB337CCC1E558FD66FFDE912CEA6 \nWindows8.1-KB4344166-x64.msu| CCC4D1BA7D8288B04FBFD22BC97FC5734B38E5F6| D56A3821F43F498AB58C952FE392F2147849BEC07B93E8F4D241473B2F6220FD \nWindows8.1-KB4344166-x86.msu| D6D7F4CC9DB889A2559F75750F016E640B8F992F| 6D5161C0C0BEC1CA26253756C214188C5D4F8A6B39DDA5AF2CD845EF56917406 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmscorlib.ni.dll| 4.7.3133.0| 20,528,720| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.7.3133.0| 5,420,992| 25-Jul-2018| 02:09 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 1,227,192| 25-Jul-2018| 02:09 \nclr.dll| 4.7.3133.0| 10,378,664| 25-Jul-2018| 02:09 \ncompatjit.dll| 4.7.3133.0| 1,262,528| 25-Jul-2018| 02:09 \nmscordacwks.dll| 4.7.3133.0| 1,843,656| 25-Jul-2018| 02:09 \nmscordbi.dll| 4.7.3133.0| 1,625,024| 25-Jul-2018| 02:09 \nmscorlib.ni.dll| 4.7.3133.0| 22,590,008| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 690,008| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 993,632| 11-May-2018| 01:43 \npeverify.dll| 4.7.3133.0| 263,104| 25-Jul-2018| 02:09 \nsos.dll| 4.7.3133.0| 874,920| 25-Jul-2018| 02:09 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmscorlib.ni.dll| 4.7.3133.0| 20,528,720| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \n**For all supported ARM-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.7.3133.0| 5,639,048| 25-Jul-2018| 02:09 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 686,976| 25-Jul-2018| 02:09 \nclr.dll| 4.7.3133.0| 6,759,800| 25-Jul-2018| 02:09 \nmscordacwks.dll| 4.7.3133.0| 1,296,792| 25-Jul-2018| 02:09 \nmscordbi.dll| 4.7.3133.0| 1,131,920| 25-Jul-2018| 02:09 \nmscorlib.ni.dll| 4.7.3133.0| 20,717,104| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52242.36242| 602,080| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52242.36242| 634,336| 11-May-2018| 01:43 \nsos.dll| 4.7.3133.0| 648,568| 25-Jul-2018| 02:09 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344166)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344166", "href": "https://support.microsoft.com/en-us/help/4344166", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:44:03", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which\u00a0content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see </span></span></span><a href=\"https://support.microsoft.com/en-us/help/4019990\"><span><span>KB 4019990</span></span></a><span><span><span>.</span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344152\" managed-link=\"\" target=\"_blank\">4344152</a> Description of the Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4344152)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344149\" managed-link=\"\" target=\"_blank\">4344149</a> Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1 and Server 2008 SP2\u00a0 (KB 4344149)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344146\" managed-link=\"\" target=\"_blank\">4344146</a> Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1, Server 2008 R2 SP1 and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344146)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:08:04", "type": "mskb", "title": "Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345590)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:08:04", "id": "KB4345590", "href": "https://support.microsoft.com/en-us/help/4345590/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:36", "description": "None\nThis article also applies to the following:\n\n * Microsoft .NET Framework 3.5\n\n## Summary\n\nThis update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2012, see the following article in the Microsoft Knowledge Base:[4345591](<https://support.microsoft.com/help/4345591>) Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4345591)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345591** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [4340557](<https://support.microsoft.com/help/4340557>) and [4291495](<https://support.microsoft.com/help/4291495>). \n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8-RT-KB4344150-x64.msu| 39F7CB387D005D79621303989218BCDA45F3E323| E15BC2C41D9B0E51D2171C79D8B7FE0357DB0BAA017D5A5D67A3F54564C1A2E8 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \naspnet_wp.exe| 2.0.50727.8762| 43,160| 07-Apr-2017| 13:09 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 15:10 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 01-Dec-2017| 13:13 \nsystem.management.dll| 2.0.50727.8766| 389,120| 12-Jul-2017| 13:09 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:09 \nsystem.security.dll| 2.0.50727.8784| 274,432| 27-Mar-2018| 17:37 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 07-Apr-2017| 13:09 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 01-Dec-2017| 13:13 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nwebengine.dll| 2.0.50727.8762| 746,648| 07-Apr-2017| 13:09 \nwminet_utils.dll| 2.0.50727.8766| 140,960| 12-Jul-2017| 13:09 \npresentationcore.dll| 3.0.6920.8773| 4,006,400| 29-Mar-2017| 13:09 \npresentationfontcache.exe.config| | 161| 06-Jul-2012| 20:06 \nwpfgfx_v0300.dll| 3.0.6920.8773| 2,256,032| 29-Mar-2017| 13:09 \nsystem.data.dll| 2.0.50727.8762| 3,150,336| 06-Apr-2017| 20:26 \nsystem.printing.dll| 3.0.6920.8773| 358,400| 29-Mar-2017| 13:09 \nsystem.web.dll| 2.0.50727.8762| 5,296,128| 07-Apr-2017| 13:09 \nservicemonikersupport.dll| 3.0.4506.8800| 20,144| 11-Jun-2018| 13:06 \nsmdiagnostics.dll| 3.0.4506.8800| 94,208| 11-Jun-2018| 13:06 \nsmsvchost.exe| 3.0.4506.8800| 117,376| 11-Jun-2018| 13:06 \nsystem.identitymodel.dll| 3.0.4506.8800| 405,504| 11-Jun-2018| 13:06 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:06 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:06 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:06 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:06 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:06 \npenimc.dll| 3.0.6920.8773| 85,648| 29-Mar-2017| 13:09 \npresentationframework.dll| 3.0.6920.8773| 4,640,768| 29-Mar-2017| 13:09 \npresentationhostdll.dll| 3.0.6920.8773| 172,208| 29-Mar-2017| 13:09 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:09 \nwindowsbase.dll| 3.0.6920.8773| 1,118,208| 29-Mar-2017| 13:09 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,060,864| 11-Jun-2018| 13:06 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,519,616| 11-Jun-2018| 13:06 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 454,656| 11-Jun-2018| 13:06 \nmscorlib.resources.dll| 2.0.50727.4927| 352,256| 21-Nov-2017| 07:26 \nmscorlib.resources.dll| 2.0.50727.4927| 303,104| 21-Nov-2017| 07:30 \nmscorlib.resources.dll| 2.0.50727.4927| 299,008| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.6400| 315,392| 21-Nov-2017| 07:30 \nmscorlib.resources.dll| 2.0.50727.4927| 425,984| 21-Nov-2017| 07:27 \nmscorlib.resources.dll| 2.0.50727.6400| 307,200| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.4927| 299,008| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.6400| 311,296| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.4927| 331,776| 21-Nov-2017| 07:27 \nmscorlib.resources.dll| 2.0.50727.4927| 315,392| 21-Nov-2017| 07:29 \nmscorlib.resources.dll| 2.0.50727.6400| 307,200| 21-Nov-2017| 07:30 \nmscorlib.resources.dll| 2.0.50727.6400| 348,160| 21-Nov-2017| 07:27 \nmscorlib.resources.dll| 2.0.50727.6400| 319,488| 21-Nov-2017| 07:31 \nmscorlib.resources.dll| 2.0.50727.4927| 290,816| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.6400| 303,104| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.4927| 311,296| 21-Nov-2017| 07:30 \nmscorlib.resources.dll| 2.0.50727.4927| 303,104| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.4927| 307,200| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.4927| 397,312| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.4927| 299,008| 21-Nov-2017| 07:29 \nmscorlib.resources.dll| 2.0.50727.4927| 299,008| 21-Nov-2017| 07:29 \nmscorlib.resources.dll| 2.0.50727.6400| 278,528| 21-Nov-2017| 07:28 \nmscorlib.resources.dll| 2.0.50727.6400| 278,528| 21-Nov-2017| 07:28 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 29-Mar-2017| 13:09 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:09 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 13:06 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 13:06 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 01-Dec-2017| 13:05 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:06 \nsystem.management.dll| 2.0.50727.8766| 389,120| 12-Jul-2017| 13:09 \nsystem.resources.dll| 2.0.50727.4927| 237,568| 21-Nov-2017| 07:27 \nsystem.resources.dll| 2.0.50727.4927| 200,704| 21-Nov-2017| 07:30 \nsystem.resources.dll| 2.0.50727.4927| 196,608| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.6400| 212,992| 21-Nov-2017| 07:30 \nsystem.resources.dll| 2.0.50727.4927| 290,816| 21-Nov-2017| 07:27 \nsystem.resources.dll| 2.0.50727.6400| 208,896| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.4927| 196,608| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.6400| 212,992| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.4927| 217,088| 21-Nov-2017| 07:27 \nsystem.resources.dll| 2.0.50727.4927| 212,992| 21-Nov-2017| 07:30 \nsystem.resources.dll| 2.0.50727.6400| 204,800| 21-Nov-2017| 07:30 \nsystem.resources.dll| 2.0.50727.6400| 233,472| 21-Nov-2017| 07:27 \nsystem.resources.dll| 2.0.50727.6400| 217,088| 21-Nov-2017| 07:31 \nsystem.resources.dll| 2.0.50727.4927| 192,512| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.6400| 208,896| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.4927| 204,800| 21-Nov-2017| 07:30 \nsystem.resources.dll| 2.0.50727.4927| 204,800| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.4927| 204,800| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.4927| 262,144| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.4927| 196,608| 21-Nov-2017| 07:29 \nsystem.resources.dll| 2.0.50727.4927| 196,608| 21-Nov-2017| 07:29 \nsystem.resources.dll| 2.0.50727.6400| 184,320| 21-Nov-2017| 07:28 \nsystem.resources.dll| 2.0.50727.6400| 184,320| 21-Nov-2017| 07:28 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:08 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:06 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:06 \nsystem.security.dll| 2.0.50727.8784| 274,432| 27-Mar-2018| 17:37 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:06 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:06 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:06 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 07-Apr-2017| 13:09 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:06 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:06 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:06 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 01-Dec-2017| 13:05 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 29-Mar-2017| 13:09 \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 07-Apr-2017| 13:09 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \nwebengine.dll| 2.0.50727.8762| 437,400| 07-Apr-2017| 13:09 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 12-Jul-2017| 13:09 \npresentationcore.dll| 3.0.6920.8773| 4,222,976| 29-Mar-2017| 13:09 \npresentationfontcache.exe.config| | 161| 06-Jul-2012| 20:04 \nwpfgfx_v0300.dll| 3.0.6920.8773| 1,737,888| 29-Mar-2017| 13:09 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 06-Apr-2017| 20:26 \nsystem.printing.dll| 3.0.6920.8773| 372,736| 29-Mar-2017| 13:09 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 07-Apr-2017| 13:09 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 13:06 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:06 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:06 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:06 \npenimc.dll| 3.0.6920.8773| 68,752| 29-Mar-2017| 13:09 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 29-Mar-2017| 13:09 \npresentationhostdll.dll| 3.0.6920.8773| 131,248| 29-Mar-2017| 13:09 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:09 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 29-Mar-2017| 13:09 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:06 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:06 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:06 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 (KB 4344150)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344150", "href": "https://support.microsoft.com/en-us/help/4344150", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:46", "description": "None\nThis article also applies to the following:\n\n * Microsoft .NET Framework 3.5\n\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2012, see the following article in the Microsoft Knowledge Base:[4345680](<https://support.microsoft.com/help/4345680>) Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4345680)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345680>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345680** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces update [3142025](<https://support.microsoft.com/help/3142025>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8-RT-KB4344175-x64.msu| 4441CCEF3FC9C39E514CD41B05935DB1B472FB1A| FB6F4EB53BD2D8A70C3DC998D7041915F3396B16A1E9B1671C2193EF6AAE00DE \nWindows8-RT-KB4344175-x86.msu| B113A6FED8300718EAA7F147037A813EA6DDDBEE| F8DD66968827CCF8F9047DD9BC72BFD90B100A5A6EF2A9E16E48E48254F5D22E \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 15:10 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:30 \nbig5.nlp| | 66,728| 21-Nov-2017| 07:23 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 07:23 \nksc.nlp| | 116,756| 21-Nov-2017| 07:23 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 07:23 \nprc.nlp| | 83,748| 21-Nov-2017| 07:23 \nprcp.nlp| | 83,748| 21-Nov-2017| 07:23 \nsortkey.nlp| | 262,148| 21-Nov-2017| 07:23 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 07:23 \nxjis.nlp| | 28,288| 21-Nov-2017| 07:23 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 3.5 for Windows Server 2012 (KB 4344175)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344175", "href": "https://support.microsoft.com/en-us/help/4344175", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:49", "description": "None\nThis article also applies to the following:\n\n * Microsoft .NET Framework 3.5\n\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update [KB 2919355](<https://support.microsoft.com/en-us/help/2919355>) to be installed. We recommend that you install update [KB 2919355](<https://support.microsoft.com/en-us/help/2919355>) on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2, see the following article in the Microsoft Knowledge Base:[4345681](<https://support.microsoft.com/help/4345681>) Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4345681)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345681>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345681** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces updates [3142026](<https://support.microsoft.com/help/3142026>) and [3142030](<https://support.microsoft.com/help/3142030>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4344178-x64.msu| 5242D857DE04426465D8AC4DCCB030A42B896AA3| AFFE288BDBC8A0CEBF5D748238474E44DCF9E0C05EE51FCAFF63212E87962C0C \nWindows8.1-KB4344178-x86.msu| 8B8A0AF5ECB33BBA9299586A8FB46080EE28082A| EE21B2FF73F0154532CB1253C31DAB1133FE041826677B20686BED661ED92987 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 2.0.50727.8791| 3,207,168| 11-Jul-2018| 13:11 \nbig5.nlp| | 66,728| 07-Nov-2017| 17:46 \nbopomofo.nlp| | 82,172| 07-Nov-2017| 17:46 \nksc.nlp| | 116,756| 07-Nov-2017| 17:46 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 13:10 \nnormidna.nlp| | 59,342| 07-Nov-2017| 17:46 \nnormnfc.nlp| | 45,794| 07-Nov-2017| 17:46 \nnormnfd.nlp| | 39,284| 07-Nov-2017| 17:46 \nnormnfkc.nlp| | 66,384| 07-Nov-2017| 17:46 \nnormnfkd.nlp| | 60,294| 07-Nov-2017| 17:46 \nprc.nlp| | 83,748| 07-Nov-2017| 17:46 \nprcp.nlp| | 83,748| 07-Nov-2017| 17:46 \nsortkey.nlp| | 262,148| 07-Nov-2017| 17:46 \nsorttbls.nlp| | 20,320| 07-Nov-2017| 17:46 \nxjis.nlp| | 28,288| 07-Nov-2017| 17:46 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 13:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 13:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 13:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 13:10 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 26-Oct-2017| 16:05 \nbopomofo.nlp| | 82,172| 26-Oct-2017| 16:05 \nksc.nlp| | 116,756| 26-Oct-2017| 16:05 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 13:11 \nnormidna.nlp| | 59,342| 26-Oct-2017| 16:05 \nnormnfc.nlp| | 45,794| 26-Oct-2017| 16:05 \nnormnfd.nlp| | 39,284| 26-Oct-2017| 16:05 \nnormnfkc.nlp| | 66,384| 26-Oct-2017| 16:05 \nnormnfkd.nlp| | 60,294| 26-Oct-2017| 16:05 \nprc.nlp| | 83,748| 26-Oct-2017| 16:05 \nprcp.nlp| | 83,748| 26-Oct-2017| 16:05 \nsortkey.nlp| | 262,148| 26-Oct-2017| 16:05 \nsorttbls.nlp| | 20,320| 26-Oct-2017| 16:05 \nxjis.nlp| | 28,288| 26-Oct-2017| 16:05 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 13:11 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 13:11 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 13:11 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 13:11 \nsystem.dll| 2.0.50727.8791| 3,207,168| 11-Jul-2018| 13:12 \nsystem.dll| 2.0.50727.8791| 3,207,168| 11-Jul-2018| 13:11 \nbig5.nlp| | 66,728| 07-Nov-2017| 17:46 \nbopomofo.nlp| | 82,172| 07-Nov-2017| 17:46 \nksc.nlp| | 116,756| 07-Nov-2017| 17:46 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 13:10 \nnormidna.nlp| | 59,342| 07-Nov-2017| 17:46 \nnormnfc.nlp| | 45,794| 07-Nov-2017| 17:46 \nnormnfd.nlp| | 39,284| 07-Nov-2017| 17:46 \nnormnfkc.nlp| | 66,384| 07-Nov-2017| 17:46 \nnormnfkd.nlp| | 60,294| 07-Nov-2017| 17:46 \nprc.nlp| | 83,748| 07-Nov-2017| 17:46 \nprcp.nlp| | 83,748| 07-Nov-2017| 17:46 \nsortkey.nlp| | 262,148| 07-Nov-2017| 17:46 \nsorttbls.nlp| | 20,320| 07-Nov-2017| 17:46 \nxjis.nlp| | 28,288| 07-Nov-2017| 17:46 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 13:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 13:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 13:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 13:10 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344178)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344178", "href": "https://support.microsoft.com/en-us/help/4344178", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:40:13", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which\u00a0content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"_blank\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see </span></span></span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/4019990\" target=\"_blank\">KB 4019990</a><span><span><span>.</span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344150\" managed-link=\"\" target=\"_blank\">4344150</a> Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 (KB 4344150)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344148\" managed-link=\"\" target=\"_blank\">4344148</a> Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344148)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344144\" managed-link=\"\" target=\"_blank\">4344144</a> Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344144)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:07:54", "type": "mskb", "title": "Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4345591)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:07:54", "id": "KB4345591", "href": "https://support.microsoft.com/en-us/help/4345591/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:52:00", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a href=\"https://support.microsoft.com/help/4344151\" managed-link=\"\">4344151</a> Description of the Security and Quality Rollup for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344151)</span></li><li><a href=\"https://support.microsoft.com/help/4344149\" managed-link=\"\">4344149</a> Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1 and Server 2008 SP2\u00a0 (KB 4344149)</li><li><a href=\"https://support.microsoft.com/help/4344146\" managed-link=\"\">4344146</a> Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows 7 SP1, Server 2008 R2 SP1 and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344146)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:08:06", "type": "mskb", "title": "Security and Quality updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2 and 4.6 for Windows Server 2008 SP2 (KB 4345593)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:08:06", "id": "KB4345593", "href": "https://support.microsoft.com/en-us/help/4345593/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:49", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:[4345679](<https://support.microsoft.com/help/4345679>) Security Only updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345679)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345679>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345679** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces update [3142024](<https://support.microsoft.com/help/3142024>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.1-KB4344177-ia64.msu| EB3C241C084EE84B5C247CE3651D4EDBD9054550| 242D1EBE4AEA545127595BD2B962CE5A8A34A9E27B8C4E5C9F982261C44539ED \nWindows6.1-KB4344177-x64.msu| AC4E288D33FEAD366BCBAD5135D1AA6BC4D787F2| 582D062D637EDC2C98D93264E6C5BF3CED672A2ACB6B34405C7549B2642CFCF3 \nWindows6.1-KB4344177-x86.msu| 46D7719CB93D9DE74F2399A864F66A3361079676| 01FF814EB93C807977FF51A0929B3D976A52FB5D06D6A16374F215C0DC50AC29 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nbig5.nlp| | 66,728| 16-Jun-2018| 05:11 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:11 \nksc.nlp| | 116,756| 16-Jun-2018| 05:11 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:12 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:12 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:12 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:12 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:12 \nprc.nlp| | 83,748| 16-Jun-2018| 05:12 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:12 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:12 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:12 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:13 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 16:53 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 16-Jun-2018| 05:09 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:09 \nksc.nlp| | 116,756| 16-Jun-2018| 05:09 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:10 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:10 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:10 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:10 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:10 \nprc.nlp| | 83,748| 16-Jun-2018| 05:10 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:10 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:10 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:10 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:10 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 16:53 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nbig5.nlp| | 66,728| 16-Jun-2018| 05:11 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:11 \nksc.nlp| | 116,756| 16-Jun-2018| 05:11 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:12 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:12 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:12 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:12 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:12 \nprc.nlp| | 83,748| 16-Jun-2018| 05:12 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:12 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:12 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:12 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:13 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 16:53 \n**For all supported IA64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 16-Jun-2018| 05:14 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:14 \nksc.nlp| | 116,756| 16-Jun-2018| 05:14 \nmscorlib.dll| 2.0.50727.8793| 4,014,080| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:14 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:14 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:14 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:14 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:14 \nprc.nlp| | 83,748| 16-Jun-2018| 05:14 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:14 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:14 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:14 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:15 \nmscordacwks.dll| 2.0.50727.8793| 3,083,400| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 602,752| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 20,404,864| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 873,592| 24-Jul-2018| 16:53 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nbig5.nlp| | 66,728| 16-Jun-2018| 05:11 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:11 \nksc.nlp| | 116,756| 16-Jun-2018| 05:11 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:12 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:12 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:12 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:12 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:12 \nprc.nlp| | 83,748| 16-Jun-2018| 05:12 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:12 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:12 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:12 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:13 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 16:53 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4344177)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344177", "href": "https://support.microsoft.com/en-us/help/4344177", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:46:07", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which\u00a0content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6 for Windows Server 2008 require the d3dcompiler_47.dll update to be installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see </span></span></span><a href=\"https://support.microsoft.com/en-us/help/4019478\"><span><span><span>KB 4019478</span></span></span></a><span><span><span>.</span></span></span></span></span></span><span><span><span><span><span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a href=\"https://support.microsoft.com/help/4344176\" managed-link=\"\">4344176</a> Description of the Security Only update for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344176)</span></li><li><a href=\"https://support.microsoft.com/help/4344173\" managed-link=\"\">4344173</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 SP2 (KB 4344173)</li><li><a href=\"https://support.microsoft.com/help/4344167\" managed-link=\"\">4344167</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344167)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:07:59", "type": "mskb", "title": "Security Only updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4345682)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:07:59", "id": "KB4345682", "href": "https://support.microsoft.com/en-us/help/4345682/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:41", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see [4019990](<https://support.microsoft.com/en-us/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2012, see the following article in the Microsoft Knowledge Base:[4345680](<https://support.microsoft.com/help/4345680>) Security Only updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4345680)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345680>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345680** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update does not replace any previously released update.\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8-RT-KB4344165-x64.msu| E1FFBB2548AF3E741CA430691324B13AF080E08F| 9787E7078974505416D239CEAEFD7887DF9F85CD3F3F187BC14547F6B8282C33 \nWindows8-RT-KB4344165-x86.msu| 6A7476194F48E9D617E223FD90BA067278F2A102| 2713C5EB9961CACBDC5A006BDE467C2E8DC96A9651F25D2E1B9A24D10407774A \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.7.3133.0| 5,420,992| 25-Jul-2018| 02:09 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 1,227,192| 25-Jul-2018| 02:09 \nclr.dll| 4.7.3133.0| 10,378,664| 25-Jul-2018| 02:09 \ncompatjit.dll| 4.7.3133.0| 1,262,528| 25-Jul-2018| 02:09 \nmscordacwks.dll| 4.7.3133.0| 1,843,656| 25-Jul-2018| 02:09 \nmscordbi.dll| 4.7.3133.0| 1,625,024| 25-Jul-2018| 02:09 \nmsvcp120_clr0400.dll| 12.0.52519.0| 690,008| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 993,632| 11-May-2018| 01:43 \npeverify.dll| 4.7.3133.0| 263,104| 25-Jul-2018| 02:09 \nsos.dll| 4.7.3133.0| 874,920| 25-Jul-2018| 02:09 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344165)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344165", "href": "https://support.microsoft.com/en-us/help/4344165", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:39", "description": "None\nThis article also applies to the following:\n\n * Microsoft .NET Framework 3.5\n\n## Summary\n\nThis update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update [2919355](<https://support.microsoft.com/en-us/help/2919355>) to be installed. We recommend that you install update [2919355](<https://support.microsoft.com/en-us/help/2919355>) on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2, see the following article in the Microsoft Knowledge Base:[4345592](<https://support.microsoft.com/help/4345592>) Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4345592)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345592** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [4340558](<https://support.microsoft.com/help/4340558>) and [4291497](<https://support.microsoft.com/help/4291497>). \n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4344153-x64.msu| BE2840F79F50B30E571B229863D5993DFCDA0E0D| EC93C86E95CA87852B0FEFD6BF0804D26F4D58352E16AD10936658304EBB6349 \nWindows8.1-KB4344153-x86.msu| DE4685DD06AC23D190194E434DF4A0DCE5BE94F8| B0BC930FAF4DD194C9FC84087B2953AB88D99308567A7A61FA52555E84E846C6 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 30-Mar-2017| 13:15 \nreachframework.dll| 3.0.6920.8773| 532,480| 30-Mar-2017| 13:15 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 13:11 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 13:11 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 12-Dec-2017| 13:09 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:11 \nsystem.management.dll| 2.0.50727.8766| 389,120| 12-Jul-2017| 13:11 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:17 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:11 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:11 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 13:15 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:11 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:11 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:11 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 22-Apr-2017| 13:09 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:11 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:11 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:11 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 12-Dec-2017| 13:09 \nsystem.dll| 2.0.50727.8791| 3,207,168| 11-Jul-2018| 13:11 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 30-Mar-2017| 13:15 \nbig5.nlp| | 66,728| 07-Nov-2017| 17:46 \nbopomofo.nlp| | 82,172| 07-Nov-2017| 17:46 \nksc.nlp| | 116,756| 07-Nov-2017| 17:46 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 13:10 \nnormidna.nlp| | 59,342| 07-Nov-2017| 17:46 \nnormnfc.nlp| | 45,794| 07-Nov-2017| 17:46 \nnormnfd.nlp| | 39,284| 07-Nov-2017| 17:46 \nnormnfkc.nlp| | 66,384| 07-Nov-2017| 17:46 \nnormnfkd.nlp| | 60,294| 07-Nov-2017| 17:46 \nprc.nlp| | 83,748| 07-Nov-2017| 17:46 \nprcp.nlp| | 83,748| 07-Nov-2017| 17:46 \nsortkey.nlp| | 262,148| 07-Nov-2017| 17:46 \nsorttbls.nlp| | 20,320| 07-Nov-2017| 17:46 \nxjis.nlp| | 28,288| 07-Nov-2017| 17:46 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 22-Apr-2017| 13:09 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 13:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 13:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 13:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 13:10 \nwebengine.dll| 2.0.50727.8762| 437,400| 22-Apr-2017| 13:09 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 12-Jul-2017| 13:11 \npresentationcore.dll| 3.0.6920.8773| 4,222,976| 30-Mar-2017| 13:15 \npresentationfontcache.exe.config| | 161| 20-Aug-2015| 13:24 \nwpfgfx_v0300.dll| 3.0.6920.8773| 1,737,888| 30-Mar-2017| 13:15 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 22-Apr-2017| 13:09 \nsystem.printing.dll| 3.0.6920.8773| 372,736| 30-Mar-2017| 13:15 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 22-Apr-2017| 13:09 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 13:11 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:11 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:11 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:11 \npenimc.dll| 3.0.6920.8773| 68,752| 30-Mar-2017| 13:15 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 30-Mar-2017| 13:15 \npresentationhostdll.dll| 3.0.6920.8773| 131,248| 30-Mar-2017| 13:15 \nreachframework.dll| 3.0.6920.8773| 532,480| 30-Mar-2017| 13:15 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 30-Mar-2017| 13:15 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:11 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:11 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:11 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 26-Oct-2017| 16:05 \nbopomofo.nlp| | 82,172| 26-Oct-2017| 16:05 \nksc.nlp| | 116,756| 26-Oct-2017| 16:05 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 13:11 \nnormidna.nlp| | 59,342| 26-Oct-2017| 16:05 \nnormnfc.nlp| | 45,794| 26-Oct-2017| 16:05 \nnormnfd.nlp| | 39,284| 26-Oct-2017| 16:05 \nnormnfkc.nlp| | 66,384| 26-Oct-2017| 16:05 \nnormnfkd.nlp| | 60,294| 26-Oct-2017| 16:05 \nprc.nlp| | 83,748| 26-Oct-2017| 16:05 \nprcp.nlp| | 83,748| 26-Oct-2017| 16:05 \nsortkey.nlp| | 262,148| 26-Oct-2017| 16:05 \nsorttbls.nlp| | 20,320| 26-Oct-2017| 16:05 \nxjis.nlp| | 28,288| 26-Oct-2017| 16:05 \naspnet_wp.exe| 2.0.50727.8762| 43,160| 22-Apr-2017| 13:08 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 13:11 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 13:11 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 13:11 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 13:11 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 29-Nov-2017| 05:34 \nsystem.management.dll| 2.0.50727.8766| 389,120| 12-Jul-2017| 13:08 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:15 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 13:15 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 22-Apr-2017| 13:08 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 29-Nov-2017| 05:34 \nsystem.dll| 2.0.50727.8791| 3,207,168| 11-Jul-2018| 13:12 \nwebengine.dll| 2.0.50727.8762| 746,648| 22-Apr-2017| 13:08 \nwminet_utils.dll| 2.0.50727.8766| 140,960| 12-Jul-2017| 13:08 \npresentationcore.dll| 3.0.6920.8773| 4,006,400| 30-Mar-2017| 13:15 \npresentationfontcache.exe.config| | 161| 22-Aug-2015| 13:27 \nwpfgfx_v0300.dll| 3.0.6920.8773| 2,256,032| 30-Mar-2017| 13:15 \nsystem.data.dll| 2.0.50727.8762| 3,150,336| 22-Apr-2017| 13:08 \nsystem.printing.dll| 3.0.6920.8773| 358,400| 30-Mar-2017| 13:15 \nsystem.web.dll| 2.0.50727.8762| 5,296,128| 22-Apr-2017| 13:08 \nservicemonikersupport.dll| 3.0.4506.8800| 20,144| 11-Jun-2018| 13:10 \nsmdiagnostics.dll| 3.0.4506.8800| 94,208| 11-Jun-2018| 13:10 \nsmsvchost.exe| 3.0.4506.8800| 117,376| 11-Jun-2018| 13:10 \nsystem.identitymodel.dll| 3.0.4506.8800| 405,504| 11-Jun-2018| 13:09 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:10 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:10 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:10 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:10 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:10 \npenimc.dll| 3.0.6920.8773| 85,648| 30-Mar-2017| 13:15 \npresentationframework.dll| 3.0.6920.8773| 4,640,768| 30-Mar-2017| 13:15 \npresentationhostdll.dll| 3.0.6920.8773| 172,208| 30-Mar-2017| 13:15 \nreachframework.dll| 3.0.6920.8773| 532,480| 30-Mar-2017| 13:15 \nwindowsbase.dll| 3.0.6920.8773| 1,118,208| 30-Mar-2017| 13:15 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,060,864| 11-Jun-2018| 13:10 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,519,616| 11-Jun-2018| 13:10 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 454,656| 11-Jun-2018| 13:10 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 30-Mar-2017| 13:15 \nreachframework.dll| 3.0.6920.8773| 532,480| 30-Mar-2017| 13:15 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 13:11 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 13:11 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 12-Dec-2017| 13:09 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:11 \nsystem.management.dll| 2.0.50727.8766| 389,120| 12-Jul-2017| 13:11 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:17 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:11 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:11 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 13:15 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:11 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:11 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:11 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 22-Apr-2017| 13:09 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:11 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:11 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:11 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 12-Dec-2017| 13:09 \nsystem.dll| 2.0.50727.8791| 3,207,168| 11-Jul-2018| 13:11 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 30-Mar-2017| 13:15 \nbig5.nlp| | 66,728| 07-Nov-2017| 17:46 \nbopomofo.nlp| | 82,172| 07-Nov-2017| 17:46 \nksc.nlp| | 116,756| 07-Nov-2017| 17:46 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 13:10 \nnormidna.nlp| | 59,342| 07-Nov-2017| 17:46 \nnormnfc.nlp| | 45,794| 07-Nov-2017| 17:46 \nnormnfd.nlp| | 39,284| 07-Nov-2017| 17:46 \nnormnfkc.nlp| | 66,384| 07-Nov-2017| 17:46 \nnormnfkd.nlp| | 60,294| 07-Nov-2017| 17:46 \nprc.nlp| | 83,748| 07-Nov-2017| 17:46 \nprcp.nlp| | 83,748| 07-Nov-2017| 17:46 \nsortkey.nlp| | 262,148| 07-Nov-2017| 17:46 \nsorttbls.nlp| | 20,320| 07-Nov-2017| 17:46 \nxjis.nlp| | 28,288| 07-Nov-2017| 17:46 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 22-Apr-2017| 13:09 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 13:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 13:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 13:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 13:10 \nwebengine.dll| 2.0.50727.8762| 437,400| 22-Apr-2017| 13:09 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 12-Jul-2017| 13:11 \npresentationcore.dll| 3.0.6920.8773| 4,222,976| 30-Mar-2017| 13:15 \npresentationfontcache.exe.config| | 161| 20-Aug-2015| 13:24 \nwpfgfx_v0300.dll| 3.0.6920.8773| 1,737,888| 30-Mar-2017| 13:15 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 22-Apr-2017| 13:09 \nsystem.printing.dll| 3.0.6920.8773| 372,736| 30-Mar-2017| 13:15 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 22-Apr-2017| 13:09 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 13:11 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:11 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:11 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:11 \npenimc.dll| 3.0.6920.8773| 68,752| 30-Mar-2017| 13:15 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 30-Mar-2017| 13:15 \npresentationhostdll.dll| 3.0.6920.8773| 131,248| 30-Mar-2017| 13:15 \nreachframework.dll| 3.0.6920.8773| 532,480| 30-Mar-2017| 13:15 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 30-Mar-2017| 13:15 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:11 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:11 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:11 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344153)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344153", "href": "https://support.microsoft.com/en-us/help/4344153", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:31", "description": "None\n## Summary\n\nThis update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update [2919355](<https://support.microsoft.com/en-us/help/2919355>) to be installed. We recommend that you install update [2919355](<https://support.microsoft.com/en-us/help/2919355>) on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2, see the following article in the Microsoft Knowledge Base:[4345592](<https://support.microsoft.com/help/4345592>) Security and Quality Rollup updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4345592)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345592** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [4340558](<https://support.microsoft.com/help/4340558>) and [4291497](<https://support.microsoft.com/help/4291497>). \n\n### \n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4344145-arm.msu| 79E7BCA34766841838888F6D1CF14E1A7F2EECA2| E22A403C70B93809CB05BB1EE20E1815678C16606F5140DB3618587D82932774 \nWindows8.1-KB4344145-x64.msu| 3A78DEA3BDA5A3C8F65BAEB2C27DECF4563D6359| 3FBB3C24C72C791532D3916EDA8F8E5A0765E959E34118F96CABECC79BBB184A \nWindows8.1-KB4344145-x86.msu| 7D19DF08FB4D7CE730FE81081781E90CB72572FE| 16253BAF2788050BD5DA987CC03EB6BD05A902239A417810E62B31998BB144FD \n \n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \npresentationframework.dll| 4.7.2672.0| 6,210,896| 19-Jul-2018| 22:47 \nsmdiagnostics.dll| 4.7.3130.0| 73,808| 06-Jun-2018| 06:16 \nsystem.activities.dll| 4.7.3130.0| 1,532,544| 06-Jun-2018| 06:16 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.data.sqlxml.dll| 4.7.2612.0| 734,400| 22-Nov-2017| 20:59 \nsystem.deployment.dll| 4.6.1099.0| 846,016| 27-Mar-2017| 03:33 \nsystem.directoryservices.accountmanagement.dll| 4.7.2623.0| 296,216| 30-Nov-2017| 04:16 \nsystem.directoryservices.protocols.dll| 4.6.1099.0| 200,488| 27-Mar-2017| 03:33 \nsystem.drawing.dll| 4.6.1099.0| 594,616| 27-Mar-2017| 03:33 \nsystem.identitymodel.services.dll| 4.7.3130.0| 198,376| 06-Jun-2018| 06:16 \nsystem.identitymodel.dll| 4.7.3130.0| 1,090,176| 06-Jun-2018| 06:16 \nsystem.management.dll| 4.7.2102.0| 415,432| 06-Jun-2017| 23:17 \nsystem.net.http.dll| 4.7.2634.0| 203,352| 02-Feb-2018| 21:11 \nsystem.runtime.caching.dll| 4.6.1649.1| 108,920| 21-Apr-2017| 05:35 \nsystem.runtime.remoting.dll| 4.7.2114.0| 347,368| 30-Aug-2017| 06:04 \nsystem.runtime.serialization.dll| 4.7.3130.0| 1,056,456| 06-Jun-2018| 06:16 \nsystem.security.dll| 4.7.2650.0| 324,696| 21-Mar-2018| 04:49 \nsystem.servicemodel.channels.dll| 4.7.3130.0| 157,928| 06-Jun-2018| 06:16 \nsystem.servicemodel.discovery.dll| 4.7.3130.0| 308,456| 06-Jun-2018| 06:16 \nsystem.servicemodel.internals.dll| 4.7.3130.0| 260,808| 06-Jun-2018| 06:16 \nsystem.servicemodel.routing.dll| 4.6.1099.0| 130,288| 27-Mar-2017| 03:33 \nsystem.servicemodel.washosting.dll| 4.7.3130.0| 39,656| 06-Jun-2018| 06:16 \nsystem.servicemodel.dll| 4.7.3130.0| 6,321,784| 06-Jun-2018| 06:16 \nsystem.web.applicationservices.dll| 4.7.2623.0| 70,912| 30-Nov-2017| 04:16 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nsystem.windows.controls.ribbon.dll| 4.7.2672.0| 742,608| 19-Jul-2018| 22:47 \nsystem.windows.forms.dll| 4.7.2114.0| 5,181,656| 30-Aug-2017| 06:04 \nsystem.workflow.activities.dll| 4.7.3130.0| 1,051,360| 06-Jun-2018| 06:16 \nsystem.workflow.componentmodel.dll| 4.7.3130.0| 1,542,384| 06-Jun-2018| 06:16 \nsystem.workflow.runtime.dll| 4.7.3130.0| 498,896| 06-Jun-2018| 06:16 \nsystem.xaml.dll| 4.7.2672.0| 643,560| 19-Jul-2018| 22:47 \nsystem.xml.dll| 4.7.2612.0| 2,670,224| 22-Nov-2017| 20:59 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nuiautomationclientsideproviders.dll| 4.7.2672.0| 361,336| 19-Jul-2018| 22:47 \nuiautomationclient.dll| 4.7.2672.0| 177,984| 19-Jul-2018| 22:47 \nuiautomationprovider.dll| 4.7.2672.0| 48,968| 19-Jul-2018| 22:47 \nuiautomationtypes.dll| 4.7.2672.0| 220,992| 19-Jul-2018| 22:47 \nwindowsbase.dll| 4.7.2672.0| 1,289,512| 19-Jul-2018| 22:47 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \naspnet_perf.dll| 4.7.2623.0| 42,648| 30-Nov-2017| 04:16 \naspnet_state_perf.h| | 318| 30-Nov-2017| 02:23 \naspnet_state_perf.ini| | 42,996| 30-Nov-2017| 04:18 \naspnet_wp.exe| 4.7.2623.0| 46,176| 30-Nov-2017| 04:16 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \ndfdll.dll| 4.6.1099.0| 154,768| 27-Mar-2017| 03:33 \nglobalmonospace.compositefont| | 26,040| 17-May-2018| 04:37 \nglobalsansserif.compositefont| | 26,489| 17-May-2018| 04:37 \nglobalserif.compositefont| | 29,779| 17-May-2018| 04:37 \nglobaluserinterface.compositefont| | 186,009| 19-Jul-2018| 19:11 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmscoreei.dll| 4.6.1099.0| 497,824| 27-Mar-2017| 03:33 \nmscorlib.ni.dll| 4.7.3133.0| 20,528,720| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npenimc.dll| 14.7.2634.0| 19,096| 02-Feb-2018| 21:11 \npenimc2_v0400.dll| 4.7.2672.0| 86,160| 19-Jul-2018| 22:47 \npenimc_v0400.dll| 4.7.2634.0| 24,728| 02-Feb-2018| 21:11 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \npresentationhost_v0400.dll.mui| 4.7.2672.0| 84,704| 19-Jul-2018| 22:47 \npresentationhost_v0400.dll| 4.7.2672.0| 214,200| 19-Jul-2018| 22:47 \npresentationnative_v0400.dll| 4.7.2672.0| 827,096| 19-Jul-2018| 22:47 \nservicemodel.mof| | 88,383| 11-May-2018| 01:26 \nservicemodel.mof.uninstall| | 896| 11-May-2018| 01:26 \nservicemonikersupport.dll| 4.7.3130.0| 29,384| 06-Jun-2018| 06:16 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nwebengine4.dll| 4.7.2623.0| 550,032| 30-Nov-2017| 04:16 \nwebengine.dll| 4.7.2623.0| 24,712| 30-Nov-2017| 04:16 \nwminet_utils.dll| 4.7.2102.0| 136,368| 06-Jun-2017| 23:17 \nworkflowservicehostperformancecounters.dll| 4.7.3130.0| 89,384| 06-Jun-2018| 06:16 \nwpfgfx_v0400.dll| 4.7.2672.0| 1,345,160| 19-Jul-2018| 22:47 \npresentationcore.dll| 4.7.2672.0| 3,635,024| 19-Jul-2018| 22:47 \nsystem.data.dll| 4.7.2623.0| 3,397,272| 30-Nov-2017| 04:16 \nsystem.transactions.dll| 4.6.1099.0| 303,824| 27-Mar-2017| 03:33 \nsystem.web.dll| 4.7.2623.0| 5,409,936| 30-Nov-2017| 04:16 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.7.3133.0| 5,420,992| 25-Jul-2018| 02:09 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \naspnet_perf.dll| 4.7.2623.0| 46,232| 30-Nov-2017| 04:12 \naspnet_state_perf.h| | 318| 30-Nov-2017| 02:05 \naspnet_state_perf.ini| | 42,996| 30-Nov-2017| 04:12 \naspnet_wp.exe| 4.7.2623.0| 50,784| 30-Nov-2017| 04:12 \nclrjit.dll| 4.7.3133.0| 1,227,192| 25-Jul-2018| 02:09 \nclr.dll| 4.7.3133.0| 10,378,664| 25-Jul-2018| 02:09 \ncompatjit.dll| 4.7.3133.0| 1,262,528| 25-Jul-2018| 02:09 \ndfdll.dll| 4.6.1099.0| 181,400| 27-Mar-2017| 03:29 \nglobalmonospace.compositefont| | 26,040| 17-May-2018| 04:37 \nglobalsansserif.compositefont| | 26,489| 17-May-2018| 04:37 \nglobalserif.compositefont| | 29,779| 17-May-2018| 04:37 \nglobaluserinterface.compositefont| | 186,009| 19-Jul-2018| 19:11 \nmscordacwks.dll| 4.7.3133.0| 1,843,656| 25-Jul-2018| 02:09 \nmscordbi.dll| 4.7.3133.0| 1,625,024| 25-Jul-2018| 02:09 \nmscoreei.dll| 4.6.1099.0| 617,632| 27-Mar-2017| 03:29 \nmscorlib.ni.dll| 4.7.3133.0| 22,590,008| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 690,008| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 993,632| 11-May-2018| 01:43 \npenimc.dll| 14.7.2634.0| 19,096| 02-Feb-2018| 21:04 \npenimc2_v0400.dll| 4.7.2672.0| 107,472| 19-Jul-2018| 22:39 \npenimc_v0400.dll| 4.7.2634.0| 25,760| 02-Feb-2018| 21:04 \npeverify.dll| 4.7.3133.0| 263,104| 25-Jul-2018| 02:09 \npresentationframework.dll| 4.7.2672.0| 6,210,896| 19-Jul-2018| 22:47 \npresentationhost_v0400.dll.mui| 4.7.2672.0| 87,560| 19-Jul-2018| 22:39 \npresentationhost_v0400.dll| 4.7.2672.0| 280,568| 19-Jul-2018| 22:39 \npresentationnative_v0400.dll| 4.7.2672.0| 1,112,576| 19-Jul-2018| 22:39 \nservicemodel.mof| | 88,383| 21-Feb-2018| 03:54 \nservicemodel.mof.uninstall| | 896| 21-Feb-2018| 03:54 \nservicemonikersupport.dll| 4.7.3130.0| 31,456| 06-Jun-2018| 06:09 \nsmdiagnostics.dll| 4.7.3130.0| 73,808| 06-Jun-2018| 06:16 \nsos.dll| 4.7.3133.0| 874,920| 25-Jul-2018| 02:09 \nsystem.activities.dll| 4.7.3130.0| 1,532,544| 06-Jun-2018| 06:16 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.data.sqlxml.dll| 4.7.2612.0| 734,400| 22-Nov-2017| 20:59 \nsystem.deployment.dll| 4.6.1099.0| 846,016| 27-Mar-2017| 03:33 \nsystem.directoryservices.accountmanagement.dll| 4.7.2623.0| 296,216| 30-Nov-2017| 04:16 \nsystem.directoryservices.protocols.dll| 4.6.1099.0| 200,488| 27-Mar-2017| 03:33 \nsystem.drawing.dll| 4.6.1099.0| 594,616| 27-Mar-2017| 03:33 \nsystem.identitymodel.services.dll| 4.7.3130.0| 198,376| 06-Jun-2018| 06:16 \nsystem.identitymodel.dll| 4.7.3130.0| 1,090,176| 06-Jun-2018| 06:16 \nsystem.management.dll| 4.7.2102.0| 415,432| 06-Jun-2017| 23:17 \nsystem.net.http.dll| 4.7.2634.0| 203,352| 02-Feb-2018| 21:11 \nsystem.runtime.caching.dll| 4.6.1649.1| 108,920| 21-Apr-2017| 05:35 \nsystem.runtime.remoting.dll| 4.7.2114.0| 347,368| 30-Aug-2017| 06:04 \nsystem.runtime.serialization.dll| 4.7.3130.0| 1,056,456| 06-Jun-2018| 06:16 \nsystem.security.dll| 4.7.2650.0| 324,696| 21-Mar-2018| 04:49 \nsystem.servicemodel.channels.dll| 4.7.3130.0| 157,928| 06-Jun-2018| 06:16 \nsystem.servicemodel.discovery.dll| 4.7.3130.0| 308,456| 06-Jun-2018| 06:16 \nsystem.servicemodel.internals.dll| 4.7.3130.0| 260,808| 06-Jun-2018| 06:16 \nsystem.servicemodel.routing.dll| 4.6.1099.0| 130,288| 27-Mar-2017| 03:33 \nsystem.servicemodel.washosting.dll| 4.7.3130.0| 39,656| 06-Jun-2018| 06:16 \nsystem.servicemodel.dll| 4.7.3130.0| 6,321,784| 06-Jun-2018| 06:16 \nsystem.web.applicationservices.dll| 4.7.2623.0| 70,912| 30-Nov-2017| 04:16 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nsystem.windows.controls.ribbon.dll| 4.7.2672.0| 742,608| 19-Jul-2018| 22:47 \nsystem.windows.forms.dll| 4.7.2114.0| 5,181,656| 30-Aug-2017| 06:04 \nsystem.workflow.activities.dll| 4.7.3130.0| 1,051,360| 06-Jun-2018| 06:16 \nsystem.workflow.componentmodel.dll| 4.7.3130.0| 1,542,384| 06-Jun-2018| 06:16 \nsystem.workflow.runtime.dll| 4.7.3130.0| 498,896| 06-Jun-2018| 06:16 \nsystem.xaml.dll| 4.7.2672.0| 643,560| 19-Jul-2018| 22:47 \nsystem.xml.dll| 4.7.2612.0| 2,670,224| 22-Nov-2017| 20:59 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nuiautomationclientsideproviders.dll| 4.7.2672.0| 361,336| 19-Jul-2018| 22:47 \nuiautomationclient.dll| 4.7.2672.0| 177,984| 19-Jul-2018| 22:47 \nuiautomationprovider.dll| 4.7.2672.0| 48,968| 19-Jul-2018| 22:47 \nuiautomationtypes.dll| 4.7.2672.0| 220,992| 19-Jul-2018| 22:47 \nwebengine4.dll| 4.7.2623.0| 667,792| 30-Nov-2017| 04:12 \nwebengine.dll| 4.7.2623.0| 26,256| 30-Nov-2017| 04:12 \nwindowsbase.dll| 4.7.2672.0| 1,289,512| 19-Jul-2018| 22:47 \nwminet_utils.dll| 4.7.2102.0| 188,088| 06-Jun-2017| 23:13 \nworkflowservicehostperformancecounters.dll| 4.7.3130.0| 101,136| 06-Jun-2018| 06:09 \nwpfgfx_v0400.dll| 4.7.2672.0| 1,766,864| 19-Jul-2018| 22:39 \npresentationcore.dll| 4.7.2672.0| 3,613,760| 19-Jul-2018| 22:39 \nsystem.data.dll| 4.7.2623.0| 3,461,784| 30-Nov-2017| 04:12 \nsystem.transactions.dll| 4.6.1099.0| 306,888| 27-Mar-2017| 03:29 \nsystem.web.dll| 4.7.2623.0| 5,397,136| 30-Nov-2017| 04:12 \npresentationframework.dll| 4.7.2672.0| 6,210,896| 19-Jul-2018| 22:47 \nsmdiagnostics.dll| 4.7.3130.0| 73,808| 06-Jun-2018| 06:16 \nsystem.activities.dll| 4.7.3130.0| 1,532,544| 06-Jun-2018| 06:16 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.data.sqlxml.dll| 4.7.2612.0| 734,400| 22-Nov-2017| 20:59 \nsystem.deployment.dll| 4.6.1099.0| 846,016| 27-Mar-2017| 03:33 \nsystem.directoryservices.accountmanagement.dll| 4.7.2623.0| 296,216| 30-Nov-2017| 04:16 \nsystem.directoryservices.protocols.dll| 4.6.1099.0| 200,488| 27-Mar-2017| 03:33 \nsystem.drawing.dll| 4.6.1099.0| 594,616| 27-Mar-2017| 03:33 \nsystem.identitymodel.services.dll| 4.7.3130.0| 198,376| 06-Jun-2018| 06:16 \nsystem.identitymodel.dll| 4.7.3130.0| 1,090,176| 06-Jun-2018| 06:16 \nsystem.management.dll| 4.7.2102.0| 415,432| 06-Jun-2017| 23:17 \nsystem.net.http.dll| 4.7.2634.0| 203,352| 02-Feb-2018| 21:11 \nsystem.runtime.caching.dll| 4.6.1649.1| 108,920| 21-Apr-2017| 05:35 \nsystem.runtime.remoting.dll| 4.7.2114.0| 347,368| 30-Aug-2017| 06:04 \nsystem.runtime.serialization.dll| 4.7.3130.0| 1,056,456| 06-Jun-2018| 06:16 \nsystem.security.dll| 4.7.2650.0| 324,696| 21-Mar-2018| 04:49 \nsystem.servicemodel.channels.dll| 4.7.3130.0| 157,928| 06-Jun-2018| 06:16 \nsystem.servicemodel.discovery.dll| 4.7.3130.0| 308,456| 06-Jun-2018| 06:16 \nsystem.servicemodel.internals.dll| 4.7.3130.0| 260,808| 06-Jun-2018| 06:16 \nsystem.servicemodel.routing.dll| 4.6.1099.0| 130,288| 27-Mar-2017| 03:33 \nsystem.servicemodel.washosting.dll| 4.7.3130.0| 39,656| 06-Jun-2018| 06:16 \nsystem.servicemodel.dll| 4.7.3130.0| 6,321,784| 06-Jun-2018| 06:16 \nsystem.web.applicationservices.dll| 4.7.2623.0| 70,912| 30-Nov-2017| 04:16 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nsystem.windows.controls.ribbon.dll| 4.7.2672.0| 742,608| 19-Jul-2018| 22:47 \nsystem.windows.forms.dll| 4.7.2114.0| 5,181,656| 30-Aug-2017| 06:04 \nsystem.workflow.activities.dll| 4.7.3130.0| 1,051,360| 06-Jun-2018| 06:16 \nsystem.workflow.componentmodel.dll| 4.7.3130.0| 1,542,384| 06-Jun-2018| 06:16 \nsystem.workflow.runtime.dll| 4.7.3130.0| 498,896| 06-Jun-2018| 06:16 \nsystem.xaml.dll| 4.7.2672.0| 643,560| 19-Jul-2018| 22:47 \nsystem.xml.dll| 4.7.2612.0| 2,670,224| 22-Nov-2017| 20:59 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nuiautomationclientsideproviders.dll| 4.7.2672.0| 361,336| 19-Jul-2018| 22:47 \nuiautomationclient.dll| 4.7.2672.0| 177,984| 19-Jul-2018| 22:47 \nuiautomationprovider.dll| 4.7.2672.0| 48,968| 19-Jul-2018| 22:47 \nuiautomationtypes.dll| 4.7.2672.0| 220,992| 19-Jul-2018| 22:47 \nwindowsbase.dll| 4.7.2672.0| 1,289,512| 19-Jul-2018| 22:47 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \naspnet_perf.dll| 4.7.2623.0| 42,648| 30-Nov-2017| 04:16 \naspnet_state_perf.h| | 318| 30-Nov-2017| 02:23 \naspnet_state_perf.ini| | 42,996| 30-Nov-2017| 04:18 \naspnet_wp.exe| 4.7.2623.0| 46,176| 30-Nov-2017| 04:16 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \ndfdll.dll| 4.6.1099.0| 154,768| 27-Mar-2017| 03:33 \nglobalmonospace.compositefont| | 26,040| 17-May-2018| 04:37 \nglobalsansserif.compositefont| | 26,489| 17-May-2018| 04:37 \nglobalserif.compositefont| | 29,779| 17-May-2018| 04:37 \nglobaluserinterface.compositefont| | 186,009| 19-Jul-2018| 19:11 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmscoreei.dll| 4.6.1099.0| 497,824| 27-Mar-2017| 03:33 \nmscorlib.ni.dll| 4.7.3133.0| 20,528,720| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npenimc.dll| 14.7.2634.0| 19,096| 02-Feb-2018| 21:11 \npenimc2_v0400.dll| 4.7.2672.0| 86,160| 19-Jul-2018| 22:47 \npenimc_v0400.dll| 4.7.2634.0| 24,728| 02-Feb-2018| 21:11 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \npresentationhost_v0400.dll.mui| 4.7.2672.0| 84,704| 19-Jul-2018| 22:47 \npresentationhost_v0400.dll| 4.7.2672.0| 214,200| 19-Jul-2018| 22:47 \npresentationnative_v0400.dll| 4.7.2672.0| 827,096| 19-Jul-2018| 22:47 \nservicemonikersupport.dll| 4.7.3130.0| 29,384| 06-Jun-2018| 06:16 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nwebengine4.dll| 4.7.2623.0| 550,032| 30-Nov-2017| 04:16 \nwebengine.dll| 4.7.2623.0| 24,712| 30-Nov-2017| 04:16 \nwminet_utils.dll| 4.7.2102.0| 136,368| 06-Jun-2017| 23:17 \nworkflowservicehostperformancecounters.dll| 4.7.3130.0| 89,384| 06-Jun-2018| 06:16 \nwpfgfx_v0400.dll| 4.7.2672.0| 1,345,160| 19-Jul-2018| 22:47 \npresentationcore.dll| 4.7.2672.0| 3,635,024| 19-Jul-2018| 22:47 \nsystem.data.dll| 4.7.2623.0| 3,397,272| 30-Nov-2017| 04:16 \nsystem.transactions.dll| 4.6.1099.0| 303,824| 27-Mar-2017| 03:33 \nsystem.web.dll| 4.7.2623.0| 5,409,936| 30-Nov-2017| 04:16 \n**For all supported ARM-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.7.3133.0| 5,639,048| 25-Jul-2018| 02:09 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \nclrjit.dll| 4.7.3133.0| 686,976| 25-Jul-2018| 02:09 \nclr.dll| 4.7.3133.0| 6,759,800| 25-Jul-2018| 02:09 \nmscordacwks.dll| 4.7.3133.0| 1,296,792| 25-Jul-2018| 02:09 \nmscordbi.dll| 4.7.3133.0| 1,131,920| 25-Jul-2018| 02:09 \nmscoreei.dll| 4.6.1099.0| 514,544| 27-Mar-2017| 03:27 \nmscorlib.ni.dll| 4.7.3133.0| 20,717,104| 25-Jul-2018| 02:50 \nmsvcp120_clr0400.dll| 12.0.52242.36242| 602,080| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52242.36242| 634,336| 11-May-2018| 01:43 \nsos.dll| 4.7.3133.0| 648,568| 25-Jul-2018| 02:09 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nwminet_utils.dll| 4.7.2102.0| 110,592| 06-Jun-2017| 23:10 \nworkflowservicehostperformancecounters.dll| 4.7.3130.0| 72,720| 06-Jun-2018| 06:08 \nsystem.data.dll| 4.7.2623.0| 3,389,936| 30-Nov-2017| 04:09 \nsystem.transactions.dll| 4.6.1099.0| 304,152| 27-Mar-2017| 03:27 \nsystem.web.dll| 4.7.2623.0| 5,411,304| 30-Nov-2017| 04:09 \nsmdiagnostics.dll| 4.7.3130.0| 73,808| 06-Jun-2018| 06:16 \nsystem.activities.dll| 4.7.3130.0| 1,532,544| 06-Jun-2018| 06:16 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.sqlxml.dll| 4.7.2612.0| 734,400| 22-Nov-2017| 20:59 \nsystem.deployment.dll| 4.6.1099.0| 846,016| 27-Mar-2017| 03:33 \nsystem.directoryservices.protocols.dll| 4.6.1099.0| 200,488| 27-Mar-2017| 03:33 \nsystem.drawing.dll| 4.6.1099.0| 594,616| 27-Mar-2017| 03:33 \nsystem.identitymodel.dll| 4.7.3130.0| 1,090,176| 06-Jun-2018| 06:16 \nsystem.management.dll| 4.7.2102.0| 415,432| 06-Jun-2017| 23:17 \nsystem.net.http.dll| 4.7.2634.0| 203,352| 02-Feb-2018| 21:11 \nsystem.runtime.remoting.dll| 4.7.2114.0| 347,368| 30-Aug-2017| 06:04 \nsystem.runtime.serialization.dll| 4.7.3130.0| 1,056,456| 06-Jun-2018| 06:16 \nsystem.security.dll| 4.7.2650.0| 324,696| 21-Mar-2018| 04:49 \nsystem.servicemodel.internals.dll| 4.7.3130.0| 260,808| 06-Jun-2018| 06:16 \nsystem.servicemodel.dll| 4.7.3130.0| 6,321,784| 06-Jun-2018| 06:16 \nsystem.web.applicationservices.dll| 4.7.2623.0| 70,912| 30-Nov-2017| 04:16 \nsystem.windows.forms.dll| 4.7.2114.0| 5,181,656| 30-Aug-2017| 06:04 \nsystem.xaml.dll| 4.7.2672.0| 643,560| 19-Jul-2018| 22:47 \nsystem.xml.dll| 4.7.2612.0| 2,670,224| 22-Nov-2017| 20:59 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344145)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344145", "href": "https://support.microsoft.com/en-us/help/4344145", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:41:31", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which\u00a0content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span>All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/2919355\" target=\"_blank\">2919355</a> to be installed. We recommend that you install update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/2919355\" target=\"_blank\">2919355</a> on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future</span></span></span>.</li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a href=\"https://support.microsoft.com/help/4344178\" managed-link=\"\">4344178</a> Description of the Security Only update for .NET Framework 3.5 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344178)</span></li><li><a href=\"https://support.microsoft.com/help/4344171\" managed-link=\"\">4344171</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344171)</li><li><a href=\"https://support.microsoft.com/help/4344166\" managed-link=\"\">4344166</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344166)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:07:55", "type": "mskb", "title": "Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4345681)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:07:55", "id": "KB4345681", "href": "https://support.microsoft.com/en-us/help/4345681/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:35", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:[4345590](<https://support.microsoft.com/help/4345590>) Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345590)For more information about this security update as it relates to Windows Server 2008 SP2, see the following article in the Microsoft Knowledge Base:[4345593](<https://support.microsoft.com/help/4345593>) Security and Quality updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4345593)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345590** for Windows 7 SP1 and Windows Server 2008 R2 SP1 or type **4345593** for Windows Server 2008 SP2 in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, this update replaces previously released updates [4340556](<https://support.microsoft.com/help/4340556>) and [4291493](<https://support.microsoft.com/help/4291493>).For Windows Server 2008, this update replaces previously released updates [4340559](<https://support.microsoft.com/help/4340559>) and [4291501](<https://support.microsoft.com/help/4291501>). \n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nNDP45-KB4344149-x64.exe| 138A3B13CB3621002ABAA6AA858A02835FFB0C9E| 514277135C540AE42C570A6FDBD1F1B782C45B917C276CAB881942B21865F3BC \nNDP45-KB4344149-x86.exe| DCA12BE5B6FB5E7D6728D7477D0BA8EC193B451B| 56519C415E2211AF02E9D8C55986D3A88F90E49B4F263F61F8190EC75988670D \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nSystem.Web.DataVisualization.dll| 4.0.30319.36415| 1,713,560| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Activities.Compiler.dll| 12.0.52415.36415| 3,194,664| 27-Jul-2018| 21:39 \nvbc.exe| 12.0.52415.36415| 2,459,256| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Activities.CompilerUI.dll| 12.0.52415.36415| 272,184| 27-Jul-2018| 21:39 \nvbc7ui.dll| 12.0.52415.36415| 271,512| 27-Jul-2018| 21:39 \nAccessibility.dll| 4.0.30319.36415| 36,008| 27-Jul-2018| 21:39 \nAddInProcess.exe| 4.0.30319.36415| 42,104| 27-Jul-2018| 21:39 \nAddInProcess32.exe| 4.0.30319.36415| 42,104| 27-Jul-2018| 21:39 \nAddInUtil.exe| 4.0.30319.36415| 42,104| 27-Jul-2018| 21:39 \nAdoNetDiag.dll| 4.0.30319.36415| 170,664| 27-Jul-2018| 21:39 \nalink.dll| 12.0.52415.36415| 116,888| 27-Jul-2018| 21:39 \nalinkui.dll| 12.0.52415.36415| 35,488| 27-Jul-2018| 21:39 \nAppLaunch.exe| 4.0.30319.36415| 98,424| 27-Jul-2018| 21:39 \naspnet_compiler.exe| 4.0.30319.36415| 55,928| 27-Jul-2018| 21:39 \naspnet_counters.dll| 4.0.30319.36415| 28,352| 27-Jul-2018| 21:39 \naspnet_filter.dll| 4.0.30319.36415| 34,488| 27-Jul-2018| 21:39 \naspnet_isapi.dll| 4.0.30319.36415| 24,760| 27-Jul-2018| 21:39 \nAspnet_perf.dll| 4.0.30319.36430| 41,616| 27-Jul-2018| 21:39 \naspnet_perf.ini| | 997,498| 27-Jul-2018| 21:39 \naspnet_perf2.ini| | 995,542| 27-Jul-2018| 21:39 \naspnet_rc.dll| 4.0.30319.36415| 90,280| 27-Jul-2018| 21:39 \naspnet_regbrowsers.exe| 4.0.30319.36415| 45,176| 27-Jul-2018| 21:39 \naspnet_regiis.exe| 4.0.30319.36415| 41,080| 27-Jul-2018| 21:39 \naspnet_regsql.exe| 4.0.30319.36415| 127,608| 27-Jul-2018| 21:39 \naspnet_state.exe| 4.0.30319.36415| 45,688| 27-Jul-2018| 21:39 \naspnet_wp.exe| 4.0.30319.36430| 43,104| 27-Jul-2018| 21:39 \nAspNetMMCExt.dll| 4.0.30319.36415| 509,624| 27-Jul-2018| 21:39 \nCasPol.exe| 4.0.30319.36415| 108,152| 27-Jul-2018| 21:39 \nclr.dll| 4.0.30319.36460| 6,939,640| 27-Jul-2018| 21:43 \nCLR-ETW.man| | 303,549| 27-Jul-2018| 21:39 \nclrcompression.dll| 4.0.30319.36415| 106,688| 27-Jul-2018| 21:39 \nclretwrc.dll| 4.0.30319.36415| 228,008| 27-Jul-2018| 21:39 \nclrjit.dll| 4.0.30319.36460| 510,464| 27-Jul-2018| 21:43 \nComSvcConfig.exe| 4.0.30319.36415| 176,760| 27-Jul-2018| 21:39 \nCORPerfMonExt.dll| 4.0.30319.36415| 127,672| 27-Jul-2018| 21:39 \ncorperfmonsymbols.ini| | 1,516,922| 27-Jul-2018| 21:39 \ncsc.exe| 4.0.30319.36415| 1,853,048| 27-Jul-2018| 21:39 \ncscui.dll| 4.0.30319.36415| 203,416| 27-Jul-2018| 21:39 \nCulture.dll| 4.0.30319.36415| 54,432| 27-Jul-2018| 21:39 \nCustomMarshalers.dll| 4.0.30319.36415| 95,936| 27-Jul-2018| 21:39 \ncvtres_clr.exe| 12.0.52415.36415| 43,128| 27-Jul-2018| 21:39 \ncvtresui_clr.dll| 12.0.52415.36415| 20,144| 27-Jul-2018| 21:39 \nDataSvcUtil.exe| 4.0.30319.36415| 73,336| 27-Jul-2018| 21:39 \ndfdll.dll| 4.0.30319.36415| 141,976| 27-Jul-2018| 21:39 \ndfshim.dll.mui| 4.0.41209.0| 18,600| 27-Jul-2018| 21:39 \ndfsvc.exe| 4.0.30319.36415| 23,160| 27-Jul-2018| 21:39 \ndiasymreader.dll| 12.0.52415.36415| 859,824| 27-Jul-2018| 21:39 \ndw20.exe| 4.0.30319.36415| 45,176| 27-Jul-2018| 21:39 \nEdmGen.exe| 4.0.30319.36415| 85,624| 27-Jul-2018| 21:39 \nEventLogMessages.dll| 4.0.30319.36415| 804,552| 27-Jul-2018| 21:39 \nfiletracker.dll| 12.0.52415.36415| 226,992| 27-Jul-2018| 21:39 \nFileTrackerUI.dll| 12.0.52415.36415| 21,688| 27-Jul-2018| 21:39 \nfusion.dll| 4.0.30319.36415| 74,904| 27-Jul-2018| 21:39 \nie.browser| | 5,166| 27-Jul-2018| 21:39 \nilasm.exe| 4.0.30319.36415| 297,080| 27-Jul-2018| 21:39 \nInstallPersistSqlState.sql| | 54,647| 27-Jul-2018| 21:39 \nInstallSqlState.sql| | 54,427| 27-Jul-2018| 21:39 \nInstallSqlStateTemplate.sql| | 56,233| 27-Jul-2018| 21:39 \nInstallUtil.exe| 4.0.30319.36415| 40,568| 27-Jul-2018| 21:39 \nInstallUtilLib.dll| 4.0.30319.36415| 68,280| 27-Jul-2018| 21:39 \nISymWrapper.dll| 4.0.30319.36415| 71,856| 27-Jul-2018| 21:39 \njsc.exe| 12.0.52415.36415| 47,224| 27-Jul-2018| 21:39 \nlocale.nlp| | 419,632| 27-Jul-2018| 21:39 \nMicrosoft.Activities.Build.dll| 4.0.30319.36415| 54,160| 27-Jul-2018| 21:39 \nMicrosoft.Build.Conversion.v4.0.dll| 4.0.30319.36415| 85,248| 27-Jul-2018| 21:39 \nMicrosoft.Build.dll| 4.0.30319.36415| 1,448,128| 27-Jul-2018| 21:39 \nMicrosoft.Build.Engine.dll| 4.0.30319.36415| 668,376| 27-Jul-2018| 21:39 \nMicrosoft.Build.Framework.dll| 4.0.30319.36415| 101,608| 27-Jul-2018| 21:39 \nMicrosoft.Build.Tasks.v4.0.dll| 4.0.30319.36415| 1,191,152| 27-Jul-2018| 21:39 \nMicrosoft.Build.Utilities.v4.0.dll| 4.0.30319.36415| 273,664| 27-Jul-2018| 21:39 \nMicrosoft.Common.OverrideTasks| | 6,297| 27-Jul-2018| 21:39 \nMicrosoft.Common.targets| | 262,547| 27-Jul-2018| 21:39 \nMicrosoft.CSharp.dll| 4.0.30319.36415| 492,224| 27-Jul-2018| 21:39 \nMicrosoft.Data.Entity.Build.Tasks.dll| 4.0.30319.36415| 53,000| 27-Jul-2018| 21:39 \nMicrosoft.Data.Entity.targets| | 6,501| 27-Jul-2018| 21:43 \nMicrosoft.Internal.Tasks.Dataflow.dll| 4.0.30319.36415| 184,584| 27-Jul-2018| 21:39 \nMicrosoft.Transactions.Bridge.dll| 4.0.30319.36415| 407,824| 27-Jul-2018| 21:39 \nMicrosoft.Transactions.Bridge.Dtc.dll| 4.0.30319.36415| 131,336| 27-Jul-2018| 21:39 \nMicrosoft.VisualC.STLCLR.dll| 12.0.52415.36415| 50,920| 27-Jul-2018| 21:39 \nMicrosoft.Windows.ApplicationServer.Applications.dll.mui| 4.0.30319.36415| 99,160| 27-Jul-2018| 21:39 \nMicrosoft.Windows.ApplicationServer.Applications.dll| 4.0.30319.36415| 141,192| 27-Jul-2018| 21:39 \nMicrosoft.WinFX.targets| | 42,213| 27-Jul-2018| 21:39 \nMicrosoft.Workflow.Compiler.exe| 4.0.30319.36415| 32,888| 27-Jul-2018| 21:39 \nMicrosoft.WorkflowBuildExtensions.targets| | 7,537| 27-Jul-2018| 21:39 \nMicrosoft.Xaml.targets| | 19,848| 27-Jul-2018| 21:39 \nmicrosoft.build.commontypes.xsd| | 241,004| 27-Jul-2018| 21:39 \nMicrosoft.JScript.dll| 12.0.52415.36415| 758,984| 27-Jul-2018| 21:39 \nMicrosoft.JScript.tlb| 12.0.52415.36415| 57,856| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Compatibility.Data.dll| 12.0.52415.36415| 108,840| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Compatibility.dll| 12.0.52415.36415| 360,208| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.dll| 12.0.52415.36415| 651,488| 27-Jul-2018| 21:39 \nMicrosoft.VisualC.dll| 12.0.52415.36415| 30,408| 27-Jul-2018| 21:39 \nMmcAspExt.dll| 4.0.30319.36415| 107,176| 27-Jul-2018| 21:39 \nMSBuild.exe| 4.0.30319.36415| 267,896| 27-Jul-2018| 21:39 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 27-Jul-2018| 21:43 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 27-Jul-2018| 21:43 \nmscoree.tlb| 4.0.30319.36415| 30,720| 27-Jul-2018| 21:39 \nmscoreei.dll| 4.0.30319.36415| 516,264| 27-Jul-2018| 21:39 \nmscoreeis.dll| 4.0.30319.36415| 32,936| 27-Jul-2018| 21:39 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 27-Jul-2018| 21:43 \nmscorpe.dll| 4.0.30319.36415| 75,424| 27-Jul-2018| 21:39 \nmscorpehost.dll| 4.0.30319.36415| 139,952| 27-Jul-2018| 21:39 \nmscorrc.dll| 4.0.30319.36415| 395,936| 27-Jul-2018| 21:39 \nmscorsecimpl.dll| 4.0.30319.36415| 104,632| 27-Jul-2018| 21:39 \nmscorsecr.dll| 4.0.30319.36415| 38,056| 27-Jul-2018| 21:39 \nmscorsn.dll| 4.0.30319.36415| 25,760| 27-Jul-2018| 21:39 \nmscorsvc.dll| 4.0.30319.36415| 414,880| 27-Jul-2018| 21:39 \nmscorsvw.exe| 4.0.30319.36415| 103,552| 27-Jul-2018| 21:39 \nVsVersion.dll| 12.0.52415.36415| 18,088| 27-Jul-2018| 21:39 \nngen.exe| 4.0.30319.36415| 140,920| 27-Jul-2018| 21:39 \nnlssorting.dll| 4.0.30319.36415| 74,928| 27-Jul-2018| 21:39 \nnormalization.dll| 4.0.30319.36415| 31,416| 27-Jul-2018| 21:39 \nPenIMC.dll| 4.0.30319.36415| 81,560| 27-Jul-2018| 21:39 \nPerfCounter.dll| 4.0.30319.36415| 204,464| 27-Jul-2018| 21:39 \npeverify.dll| 4.0.30319.36460| 163,968| 27-Jul-2018| 21:43 \nPresentationBuildTasks.dll| 4.0.30319.36415| 604,536| 27-Jul-2018| 21:39 \nPresentationCore.dll| 4.0.30319.36415| 3,226,976| 27-Jul-2018| 21:39 \nPresentationFramework.Aero.dll| 4.0.30319.36415| 249,232| 27-Jul-2018| 21:39 \npresentationframework.aerolite.dll| 4.0.30319.36415| 177,560| 27-Jul-2018| 21:39 \nPresentationFramework.Classic.dll| 4.0.30319.36415| 181,144| 27-Jul-2018| 21:39 \nPresentationFramework.Luna.dll| 4.0.30319.36415| 484,752| 27-Jul-2018| 21:39 \nPresentationFramework.Royale.dll| 4.0.30319.36415| 208,272| 27-Jul-2018| 21:39 \nPresentationFramework.dll| 4.0.30319.36415| 6,221,688| 27-Jul-2018| 21:39 \nPresentationFramework-SystemCore.dll| 4.0.30319.36415| 25,352| 27-Jul-2018| 21:39 \nPresentationFramework-SystemData.dll| 4.0.30319.36415| 23,816| 27-Jul-2018| 21:39 \nPresentationFramework-SystemDrawing.dll| 4.0.30319.36415| 24,336| 27-Jul-2018| 21:39 \nPresentationFramework-SystemXml.dll| 4.0.30319.36415| 24,832| 27-Jul-2018| 21:39 \nPresentationFramework-SystemXmlLinq.dll| 4.0.30319.36415| 22,800| 27-Jul-2018| 21:39 \nPresentationHost_v0400.dll| 4.0.30319.36415| 186,072| 27-Jul-2018| 21:39 \nPresentationHost_v0400.dll.mui| 4.0.30319.36415| 84,720| 27-Jul-2018| 21:39 \nPresentationNative_v0400.dll| 4.0.30319.36415| 790,248| 27-Jul-2018| 21:39 \nPresentationUI.dll| 4.0.30319.36415| 847,032| 27-Jul-2018| 21:39 \nReachFramework.dll| 4.0.30319.36415| 595,288| 27-Jul-2018| 21:39 \nRegAsm.exe| 4.0.30319.36415| 64,632| 27-Jul-2018| 21:39 \nRegSvcs.exe| 4.0.30319.36415| 45,176| 27-Jul-2018| 21:39 \nregtlib.exe| 12.0.52415.36415| 84,600| 27-Jul-2018| 21:39 \nsbscmp10.dll| 4.0.41209.0| 23,720| 27-Jul-2018| 21:39 \nServiceModelEvents.dll.mui| 4.0.30319.36415| 43,744| 27-Jul-2018| 21:39 \nServiceModelEvents.dll| 4.0.30319.36415| 18,128| 27-Jul-2018| 21:39 \nServiceModelInstallRC.dll.mui| 4.0.30319.36415| 19,688| 27-Jul-2018| 21:39 \nServiceModelInstallRC.dll| 4.0.30319.36415| 18,136| 27-Jul-2018| 21:39 \nServiceModelPerformanceCounters.dll.mui| 4.0.30319.36415| 47,376| 27-Jul-2018| 21:39 \nServiceModelPerformanceCounters.dll| 4.0.30319.36415| 77,056| 27-Jul-2018| 21:39 \nServiceModelReg.exe| 4.0.30319.36415| 226,424| 27-Jul-2018| 21:39 \nServiceModelRegUI.dll.mui| 4.0.30319.36415| 37,592| 27-Jul-2018| 21:39 \nServiceModelRegUI.dll| 4.0.30319.36415| 18,120| 27-Jul-2018| 21:39 \nServiceMonikerSupport.dll| 4.0.30319.36450| 28,360| 27-Jul-2018| 21:39 \nSMDiagnostics.dll| 4.0.30319.36450| 73,328| 27-Jul-2018| 21:39 \nSMSvcHost.exe| 4.0.30319.36415| 139,896| 27-Jul-2018| 21:39 \nSOS.dll| 4.0.30319.36460| 762,472| 27-Jul-2018| 21:43 \nSystem.Speech.dll| 4.0.30319.36415| 686,424| 27-Jul-2018| 21:39 \nsysglobl.dll| 4.0.30319.36415| 133,264| 27-Jul-2018| 21:39 \nSystem.Activities.Core.Presentation.dll| 4.0.30319.36415| 718,256| 27-Jul-2018| 21:39 \nSystem.Activities.dll| 4.0.30319.36450| 1,582,704| 27-Jul-2018| 21:39 \nSystem.Activities.DurableInstancing.dll| 4.0.30319.36415| 144,176| 27-Jul-2018| 21:39 \nSystem.Activities.Presentation.dll| 4.0.30319.36415| 2,140,568| 27-Jul-2018| 21:39 \nSystem.AddIn.Contract.dll| 4.0.30319.36415| 52,440| 27-Jul-2018| 21:39 \nSystem.AddIn.dll| 4.0.30319.36415| 163,512| 27-Jul-2018| 21:39 \nSystem.Collections.Concurrent.dll| 4.0.30319.36415| 29,456| 27-Jul-2018| 21:39 \nSystem.Collections.dll| 4.0.30319.36415| 29,896| 27-Jul-2018| 21:39 \nSystem.ComponentModel.Annotations.dll| 4.0.30319.36415| 29,992| 27-Jul-2018| 21:39 \nSystem.ComponentModel.Composition.dll| 4.0.30319.36415| 312,104| 27-Jul-2018| 21:39 \nSystem.ComponentModel.Composition.Registration.dll| 4.0.30319.36415| 62,848| 27-Jul-2018| 21:39 \nSystem.ComponentModel.DataAnnotations.dll| 4.0.30319.36415| 120,640| 27-Jul-2018| 21:39 \nSystem.ComponentModel.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.ComponentModel.EventBasedAsync.dll| 4.0.30319.36415| 29,504| 27-Jul-2018| 21:39 \nSystem.Core.dll| 4.0.30319.36415| 1,271,976| 27-Jul-2018| 21:39 \nSystem.Data.DataSetExtensions.dll| 4.0.30319.36415| 72,464| 27-Jul-2018| 21:39 \nSystem.Data.Entity.Design.dll| 4.0.30319.36415| 1,087,208| 27-Jul-2018| 21:39 \nSystem.Data.Entity.dll| 4.0.30319.36415| 4,099,280| 27-Jul-2018| 21:39 \nSystem.Data.Linq.dll| 4.0.30319.36415| 698,568| 27-Jul-2018| 21:39 \nSystem.Data.Services.Client.dll| 4.0.30319.36415| 448,240| 27-Jul-2018| 21:39 \nSystem.Data.Services.Design.dll| 4.0.30319.36415| 176,368| 27-Jul-2018| 21:39 \nSystem.Data.Services.dll| 4.0.30319.36415| 684,248| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Contracts.dll| 4.0.30319.36415| 29,960| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Debug.dll| 4.0.30319.36415| 29,424| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Tools.dll| 4.0.30319.36415| 29,424| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Tracing.dll| 4.0.30319.36415| 29,440| 27-Jul-2018| 21:39 \nSystem.DirectoryServices.AccountManagement.dll| 4.0.30319.36415| 297,776| 27-Jul-2018| 21:39 \nSystem.Dynamic.dll| 4.0.30319.36415| 134,320| 27-Jul-2018| 21:39 \nSystem.Dynamic.Runtime.dll| 4.0.30319.36415| 29,928| 27-Jul-2018| 21:39 \nSystem.Globalization.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.IdentityModel.dll| 4.0.30319.36450| 1,093,784| 27-Jul-2018| 21:39 \nSystem.IdentityModel.Selectors.dll| 4.0.30319.36415| 145,680| 27-Jul-2018| 21:39 \nSystem.IdentityModel.Services.dll| 4.0.30319.36450| 199,912| 27-Jul-2018| 21:39 \nSystem.IO.dll| 4.0.30319.36415| 29,336| 27-Jul-2018| 21:39 \nSystem.IO.Log.dll| 4.0.30319.36415| 134,992| 27-Jul-2018| 21:39 \nSystem.Linq.dll| 4.0.30319.36415| 29,344| 27-Jul-2018| 21:39 \nSystem.Linq.Expressions.dll| 4.0.30319.36415| 31,472| 27-Jul-2018| 21:39 \nSystem.Linq.Parallel.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.Linq.Queryable.dll| 4.0.30319.36415| 29,408| 27-Jul-2018| 21:39 \nSystem.Management.Instrumentation.dll| 4.0.30319.36415| 146,696| 27-Jul-2018| 21:39 \nSystem.Net.dll| 4.0.30319.36415| 259,744| 27-Jul-2018| 21:39 \nSystem.Net.Http.Rtc.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.Net.NetworkInformation.dll| 4.0.30319.36415| 29,456| 27-Jul-2018| 21:39 \nSystem.Net.Primitives.dll| 4.0.30319.36415| 29,408| 27-Jul-2018| 21:39 \nSystem.Net.Requests.dll| 4.0.30319.36415| 29,392| 27-Jul-2018| 21:39 \nSystem.ObjectModel.dll| 4.0.30319.36415| 29,904| 27-Jul-2018| 21:39 \nSystem.Printing.dll| 4.0.30319.36415| 343,384| 27-Jul-2018| 21:39 \nSystem.Reflection.dll| 4.0.30319.36415| 29,896| 27-Jul-2018| 21:39 \nSystem.Reflection.Emit.dll| 4.0.30319.36415| 29,416| 27-Jul-2018| 21:39 \nSystem.Reflection.Emit.ILGeneration.dll| 4.0.30319.36415| 29,488| 27-Jul-2018| 21:39 \nSystem.Reflection.Emit.Lightweight.dll| 4.0.30319.36415| 29,488| 27-Jul-2018| 21:39 \nSystem.Reflection.Extensions.dll| 4.0.30319.36415| 29,448| 27-Jul-2018| 21:39 \nSystem.Reflection.Primitives.dll| 4.0.30319.36415| 29,448| 27-Jul-2018| 21:39 \nSystem.Resources.ResourceManager.dll| 4.0.30319.36415| 29,472| 27-Jul-2018| 21:39 \nSystem.Runtime.dll| 4.0.30319.36415| 36,528| 27-Jul-2018| 21:39 \nSystem.Runtime.DurableInstancing.dll| 4.0.30319.36415| 173,344| 27-Jul-2018| 21:39 \nSystem.Runtime.Extensions.dll| 4.0.30319.36415| 29,432| 27-Jul-2018| 21:39 \nSystem.Runtime.InteropServices.dll| 4.0.30319.36415| 32,536| 27-Jul-2018| 21:39 \nSystem.Runtime.InteropServices.WindowsRuntime.dll| 4.0.30319.36415| 29,560| 27-Jul-2018| 21:39 \nSystem.Runtime.Numerics.dll| 4.0.30319.36415| 29,424| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.dll| 4.0.30319.36450| 1,060,008| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Json.dll| 4.0.30319.36415| 29,480| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Primitives.dll| 4.0.30319.36415| 29,520| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Xml.dll| 4.0.30319.36415| 29,984| 27-Jul-2018| 21:39 \nSystem.Security.Principal.dll| 4.0.30319.36415| 29,432| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Activation.dll| 4.0.30319.36415| 204,184| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Activities.dll| 4.0.30319.36415| 570,264| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Channels.dll| 4.0.30319.36450| 159,624| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Discovery.dll| 4.0.30319.36450| 312,712| 27-Jul-2018| 21:39 \nSystem.ServiceModel.dll| 4.0.30319.36450| 6,386,832| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Duplex.dll| 4.0.30319.36415| 29,440| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Http.dll| 4.0.30319.36415| 29,936| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Internals.dll| 4.0.30319.36450| 254,648| 27-Jul-2018| 21:39 \nSystem.ServiceModel.NetTcp.dll| 4.0.30319.36415| 29,432| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Primitives.dll| 4.0.30319.36415| 34,072| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Routing.dll| 4.0.30319.36415| 132,496| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Security.dll| 4.0.30319.36415| 29,960| 27-Jul-2018| 21:39 \nSystem.ServiceModel.ServiceMoniker40.dll| 4.0.30319.36415| 23,312| 27-Jul-2018| 21:39 \nSystem.ServiceModel.WasHosting.dll| 4.0.30319.36450| 39,664| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Web.dll| 4.0.30319.36415| 332,520| 27-Jul-2018| 21:39 \nSystem.Text.Encoding.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.Text.Encoding.Extensions.dll| 4.0.30319.36415| 29,464| 27-Jul-2018| 21:39 \nSystem.Text.RegularExpressions.dll| 4.0.30319.36415| 29,456| 27-Jul-2018| 21:39 \nSystem.Threading.dll| 4.0.30319.36415| 29,888| 27-Jul-2018| 21:39 \nSystem.Threading.Tasks.dll| 4.0.30319.36415| 30,432| 27-Jul-2018| 21:39 \nSystem.Threading.Tasks.Parallel.dll| 4.0.30319.36415| 29,472| 27-Jul-2018| 21:39 \nSystem.Web.Abstractions.dll| 4.0.30319.36415| 22,912| 27-Jul-2018| 21:39 \nSystem.Web.ApplicationServices.dll| 4.0.30319.36430| 71,424| 27-Jul-2018| 21:39 \nSystem.Web.DataVisualization.Design.dll| 4.0.30319.36415| 106,928| 27-Jul-2018| 21:39 \nSystem.Web.DynamicData.Design.dll| 4.0.30319.36415| 44,952| 27-Jul-2018| 21:39 \nSystem.Web.DynamicData.dll| 4.0.30319.36415| 248,696| 27-Jul-2018| 21:39 \nSystem.Web.Entity.Design.dll| 4.0.30319.36415| 172,264| 27-Jul-2018| 21:39 \nSystem.Web.Entity.dll| 4.0.30319.36415| 166,088| 27-Jul-2018| 21:39 \nSystem.Web.Extensions.Design.dll| 4.0.30319.36415| 354,704| 27-Jul-2018| 21:39 \nSystem.Web.Extensions.dll| 4.0.30319.36430| 1,859,280| 27-Jul-2018| 21:39 \nSystem.Web.Routing.dll| 4.0.30319.36415| 22,376| 27-Jul-2018| 21:39 \nSystem.Windows.dll| 4.0.30319.36415| 31,416| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.DataVisualization.Design.dll| 4.0.30319.36415| 82,904| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.DataVisualization.dll| 4.0.30319.36415| 1,726,392| 27-Jul-2018| 21:39 \nSystem.Workflow.Activities.dll| 4.0.30319.36450| 1,068,416| 27-Jul-2018| 21:39 \nSystem.Workflow.ComponentModel.dll| 4.0.30319.36450| 1,560,464| 27-Jul-2018| 21:39 \nSystem.Workflow.Runtime.dll| 4.0.30319.36450| 503,664| 27-Jul-2018| 21:39 \nSystem.WorkflowServices.dll| 4.0.30319.36415| 455,040| 27-Jul-2018| 21:39 \nSystem.Xaml.Hosting.dll| 4.0.30319.36415| 42,704| 27-Jul-2018| 21:39 \nSystem.Xml.Linq.dll| 4.0.30319.36415| 163,512| 27-Jul-2018| 21:39 \nSystem.Xml.ReaderWriter.dll| 4.0.30319.36415| 29,928| 27-Jul-2018| 21:39 \nSystem.Xml.Serialization.dll| 4.0.30319.36415| 45,808| 27-Jul-2018| 21:39 \nSystem.Xml.XDocument.dll| 4.0.30319.36415| 29,912| 27-Jul-2018| 21:39 \nSystem.Xml.XmlSerializer.dll| 4.0.30319.36415| 29,936| 27-Jul-2018| 21:39 \nSystem.Runtime.Caching.dll| 4.0.30319.36415| 109,272| 27-Jul-2018| 21:39 \nSystem.Configuration.dll| 4.0.30319.36415| 402,648| 27-Jul-2018| 21:39 \nSystem.Configuration.Install.dll| 4.0.30319.36415| 103,176| 27-Jul-2018| 21:39 \nSystem.Data.dll| 4.0.30319.36415| 3,209,392| 27-Jul-2018| 21:39 \nSystem.Data.OracleClient.dll| 4.0.30319.36415| 509,672| 27-Jul-2018| 21:39 \nSystem.Data.SqlXml.dll| 4.0.30319.36430| 752,312| 27-Jul-2018| 21:39 \nSystem.Deployment.dll| 4.0.30319.36415| 853,704| 27-Jul-2018| 21:39 \nSystem.Design.dll| 4.0.30319.36415| 5,056,176| 27-Jul-2018| 21:39 \nSystem.Device.dll| 4.0.30319.36415| 64,184| 27-Jul-2018| 21:39 \nSystem.DirectoryServices.dll| 4.0.30319.36415| 425,712| 27-Jul-2018| 21:39 \nSystem.DirectoryServices.Protocols.dll| 4.0.30319.36415| 203,056| 27-Jul-2018| 21:39 \nSystem.dll| 4.0.30319.36460| 3,490,240| 27-Jul-2018| 21:43 \nSystem.Drawing.Design.dll| 4.0.30319.36415| 113,888| 27-Jul-2018| 21:39 \nSystem.Drawing.dll| 4.0.30319.36415| 598,712| 27-Jul-2018| 21:39 \nSystem.Drawing.tlb| 4.0.30319.36415| 7,680| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.dll| 4.0.30319.36415| 248,552| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.Thunk.dll| 4.0.30319.36415| 86,784| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.tlb| 4.0.30319.36415| 33,280| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.Wrapper.dll| 4.0.30319.36415| 111,104| 27-Jul-2018| 21:39 \nSystem.IO.Compression.dll| 4.0.30319.36415| 71,896| 27-Jul-2018| 21:39 \nSystem.IO.Compression.FileSystem.dll| 4.0.30319.36415| 28,936| 27-Jul-2018| 21:39 \nSystem.Management.dll| 4.0.30319.36415| 417,480| 27-Jul-2018| 21:39 \nSystem.Messaging.dll| 4.0.30319.36415| 274,112| 27-Jul-2018| 21:39 \nSystem.Net.Http.dll| 4.0.30319.36415| 202,432| 27-Jul-2018| 21:39 \nSystem.Net.Http.WebRequest.dll| 4.0.30319.36415| 50,944| 27-Jul-2018| 21:39 \nSystem.Numerics.dll| 4.0.30319.36415| 86,208| 27-Jul-2018| 21:39 \nSystem.Reflection.context.dll| 4.0.30319.36415| 108,272| 27-Jul-2018| 21:39 \nSystem.Runtime.Remoting.dll| 4.0.30319.36415| 348,904| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Formatters.Soap.dll| 4.0.30319.36415| 142,192| 27-Jul-2018| 21:39 \nSystem.Security.dll| 4.0.30319.36440| 301,648| 27-Jul-2018| 21:39 \nSystem.ServiceProcess.dll| 4.0.30319.36415| 134,872| 27-Jul-2018| 21:39 \nSystem.tlb| 12.0.52415.36415| 71,168| 27-Jul-2018| 21:39 \nSystem.Transactions.dll| 4.0.30319.36415| 289,488| 27-Jul-2018| 21:39 \nSystem.Web.dll| 4.0.30319.36430| 5,464,208| 27-Jul-2018| 21:39 \nSystem.Web.Mobile.dll| 4.0.30319.36415| 839,880| 27-Jul-2018| 21:39 \nSystem.Web.RegularExpressions.dll| 4.0.30319.36415| 107,768| 27-Jul-2018| 21:39 \nSystem.Web.Services.dll| 4.0.30319.36415| 858,320| 27-Jul-2018| 21:39 \nSystem.Web.tlb| 4.0.30319.36415| 6,144| 27-Jul-2018| 21:39 \nSystem.Windows.Controls.Ribbon.dll| 4.0.30319.36415| 751,512| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.dll| 4.0.30319.36415| 4,859,608| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.tlb| 4.0.30319.36415| 85,504| 27-Jul-2018| 21:39 \nSystem.Windows.Input.Manipulations.dll| 4.0.30319.36415| 68,520| 27-Jul-2018| 21:39 \nSystem.Windows.Presentation.dll| 4.0.30319.36415| 29,072| 27-Jul-2018| 21:39 \nSystem.Xaml.dll| 4.0.30319.36415| 640,672| 27-Jul-2018| 21:39 \nSystem.Xml.dll| 4.0.30319.36430| 2,705,032| 27-Jul-2018| 21:39 \nTLBREF.DLL| 4.0.30319.36415| 101,024| 27-Jul-2018| 21:39 \nUIAutomationClient.dll| 4.0.30319.36415| 178,536| 27-Jul-2018| 21:39 \nUIAutomationClientsideProviders.dll| 4.0.30319.36415| 365,984| 27-Jul-2018| 21:39 \nUIAutomationProvider.dll| 4.0.30319.36415| 48,496| 27-Jul-2018| 21:39 \nUIAutomationTypes.dll| 4.0.30319.36415| 105,832| 27-Jul-2018| 21:39 \nwebengine.dll| 4.0.30319.36430| 24,720| 27-Jul-2018| 21:39 \nwebengine4.dll| 4.0.30319.36430| 509,584| 27-Jul-2018| 21:39 \nWindowsBase.dll| 4.0.30319.36415| 1,241,936| 27-Jul-2018| 21:39 \nWindowsFormsIntegration.dll| 4.0.30319.36415| 102,784| 27-Jul-2018| 21:39 \nWMINet_Utils.dll| 4.0.30319.36415| 126,136| 27-Jul-2018| 21:39 \nWorkflowServiceHostPerformanceCounters.dll.mui| 4.0.30319.36415| 24,368| 27-Jul-2018| 21:39 \nWorkflowServiceHostPerformanceCounters.dll| 4.0.30319.36450| 75,536| 27-Jul-2018| 21:39 \nwpf-etw.man| | 151,330| 27-Jul-2018| 21:39 \nWPFFontCache_v0400.exe.mui| 4.0.30319.36415| 19,168| 27-Jul-2018| 21:39 \nWPFFontCache_v0400.exe| 4.0.30319.36415| 24,696| 27-Jul-2018| 21:39 \nwpfgfx_v0400.dll| 4.0.30319.36415| 1,648,304| 27-Jul-2018| 21:39 \nWsatConfig.exe| 4.0.30319.36415| 155,256| 27-Jul-2018| 21:39 \nXamlBuildTask.dll| 4.0.30319.36415| 133,976| 27-Jul-2018| 21:39 \nXsdBuildTask.dll| 4.0.30319.36415| 68,280| 27-Jul-2018| 21:39 \nThirdPartyNotices.txt| | 20,126| 27-Jul-2018| 21:43 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 27-Jul-2018| 21:43 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 27-Jul-2018| 21:43 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nSystem.Linq.Parallel.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.Linq.Queryable.dll| 4.0.30319.36415| 29,408| 27-Jul-2018| 21:39 \nSystem.Management.Instrumentation.dll| 4.0.30319.36415| 146,696| 27-Jul-2018| 21:39 \nSystem.Net.dll| 4.0.30319.36415| 259,744| 27-Jul-2018| 21:39 \nSystem.Net.Http.Rtc.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.Net.NetworkInformation.dll| 4.0.30319.36415| 29,456| 27-Jul-2018| 21:39 \nSystem.Net.Primitives.dll| 4.0.30319.36415| 29,408| 27-Jul-2018| 21:39 \nSystem.Net.Requests.dll| 4.0.30319.36415| 29,392| 27-Jul-2018| 21:39 \nSystem.ObjectModel.dll| 4.0.30319.36415| 29,904| 27-Jul-2018| 21:39 \nSystem.Printing.dll| 4.0.30319.36415| 342,720| 27-Jul-2018| 21:41 \nSystem.Printing.dll| 4.0.30319.36415| 343,384| 27-Jul-2018| 21:39 \nSystem.Reflection.dll| 4.0.30319.36415| 29,896| 27-Jul-2018| 21:39 \nSystem.Reflection.Emit.dll| 4.0.30319.36415| 29,416| 27-Jul-2018| 21:39 \nSystem.Reflection.Emit.ILGeneration.dll| 4.0.30319.36415| 29,488| 27-Jul-2018| 21:39 \nSystem.Reflection.Emit.Lightweight.dll| 4.0.30319.36415| 29,488| 27-Jul-2018| 21:39 \nSystem.Reflection.Extensions.dll| 4.0.30319.36415| 29,448| 27-Jul-2018| 21:39 \nSystem.Reflection.Primitives.dll| 4.0.30319.36415| 29,448| 27-Jul-2018| 21:39 \nSystem.Resources.ResourceManager.dll| 4.0.30319.36415| 29,472| 27-Jul-2018| 21:39 \nSystem.Runtime.dll| 4.0.30319.36415| 36,528| 27-Jul-2018| 21:39 \nSystem.Runtime.DurableInstancing.dll| 4.0.30319.36415| 173,344| 27-Jul-2018| 21:39 \nSystem.Runtime.Extensions.dll| 4.0.30319.36415| 29,432| 27-Jul-2018| 21:39 \nSystem.Runtime.InteropServices.dll| 4.0.30319.36415| 32,536| 27-Jul-2018| 21:39 \nSystem.Runtime.InteropServices.WindowsRuntime.dll| 4.0.30319.36415| 29,560| 27-Jul-2018| 21:39 \nSystem.Runtime.Numerics.dll| 4.0.30319.36415| 29,424| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.dll| 4.0.30319.36450| 1,060,008| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Json.dll| 4.0.30319.36415| 29,480| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Primitives.dll| 4.0.30319.36415| 29,520| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Xml.dll| 4.0.30319.36415| 29,984| 27-Jul-2018| 21:39 \nSystem.Security.Principal.dll| 4.0.30319.36415| 29,432| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Activation.dll| 4.0.30319.36415| 204,184| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Activities.dll| 4.0.30319.36415| 570,264| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Channels.dll| 4.0.30319.36450| 159,624| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Discovery.dll| 4.0.30319.36450| 312,712| 27-Jul-2018| 21:39 \nSystem.ServiceModel.dll| 4.0.30319.36450| 6,386,832| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Duplex.dll| 4.0.30319.36415| 29,440| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Http.dll| 4.0.30319.36415| 29,936| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Internals.dll| 4.0.30319.36450| 254,648| 27-Jul-2018| 21:39 \nSystem.ServiceModel.NetTcp.dll| 4.0.30319.36415| 29,432| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Primitives.dll| 4.0.30319.36415| 34,072| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Routing.dll| 4.0.30319.36415| 132,496| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Security.dll| 4.0.30319.36415| 29,960| 27-Jul-2018| 21:39 \nSystem.ServiceModel.ServiceMoniker40.dll| 4.0.30319.36415| 23,312| 27-Jul-2018| 21:39 \nSystem.ServiceModel.WasHosting.dll| 4.0.30319.36450| 39,664| 27-Jul-2018| 21:39 \nSystem.ServiceModel.Web.dll| 4.0.30319.36415| 332,520| 27-Jul-2018| 21:39 \nSystem.Text.Encoding.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.Text.Encoding.Extensions.dll| 4.0.30319.36415| 29,464| 27-Jul-2018| 21:39 \nSystem.Text.RegularExpressions.dll| 4.0.30319.36415| 29,456| 27-Jul-2018| 21:39 \nSystem.Threading.dll| 4.0.30319.36415| 29,888| 27-Jul-2018| 21:39 \nSystem.Threading.Tasks.dll| 4.0.30319.36415| 30,432| 27-Jul-2018| 21:39 \nSystem.Threading.Tasks.Parallel.dll| 4.0.30319.36415| 29,472| 27-Jul-2018| 21:39 \nSystem.Web.Abstractions.dll| 4.0.30319.36415| 22,912| 27-Jul-2018| 21:39 \nSystem.Web.ApplicationServices.dll| 4.0.30319.36430| 71,424| 27-Jul-2018| 21:39 \nSystem.Web.DataVisualization.Design.dll| 4.0.30319.36415| 106,928| 27-Jul-2018| 21:39 \nSystem.Web.DynamicData.Design.dll| 4.0.30319.36415| 44,952| 27-Jul-2018| 21:39 \nSystem.Web.DynamicData.dll| 4.0.30319.36415| 248,696| 27-Jul-2018| 21:39 \nSystem.Web.Entity.Design.dll| 4.0.30319.36415| 172,264| 27-Jul-2018| 21:39 \nSystem.Web.Entity.dll| 4.0.30319.36415| 166,088| 27-Jul-2018| 21:39 \nSystem.Web.Extensions.Design.dll| 4.0.30319.36415| 354,704| 27-Jul-2018| 21:39 \nSystem.Web.Extensions.dll| 4.0.30319.36430| 1,859,280| 27-Jul-2018| 21:39 \nSystem.Web.Routing.dll| 4.0.30319.36415| 22,376| 27-Jul-2018| 21:39 \nSystem.Windows.dll| 4.0.30319.36415| 31,416| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.DataVisualization.Design.dll| 4.0.30319.36415| 82,904| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.DataVisualization.dll| 4.0.30319.36415| 1,726,392| 27-Jul-2018| 21:39 \nSystem.Workflow.Activities.dll| 4.0.30319.36450| 1,068,416| 27-Jul-2018| 21:39 \nSystem.Workflow.ComponentModel.dll| 4.0.30319.36450| 1,560,464| 27-Jul-2018| 21:39 \nSystem.Workflow.Runtime.dll| 4.0.30319.36450| 503,664| 27-Jul-2018| 21:39 \nSystem.WorkflowServices.dll| 4.0.30319.36415| 455,040| 27-Jul-2018| 21:39 \nSystem.Xaml.Hosting.dll| 4.0.30319.36415| 42,704| 27-Jul-2018| 21:39 \nSystem.Xml.Linq.dll| 4.0.30319.36415| 163,512| 27-Jul-2018| 21:39 \nSystem.Xml.ReaderWriter.dll| 4.0.30319.36415| 29,928| 27-Jul-2018| 21:39 \nSystem.Xml.Serialization.dll| 4.0.30319.36415| 45,808| 27-Jul-2018| 21:39 \nSystem.Xml.XDocument.dll| 4.0.30319.36415| 29,912| 27-Jul-2018| 21:39 \nSystem.Xml.XmlSerializer.dll| 4.0.30319.36415| 29,936| 27-Jul-2018| 21:39 \nSystem.Runtime.Caching.dll| 4.0.30319.36415| 109,272| 27-Jul-2018| 21:39 \nSystem.configuration.dll| 4.0.30319.36415| 402,648| 27-Jul-2018| 21:39 \nSystem.Configuration.Install.dll| 4.0.30319.36415| 103,176| 27-Jul-2018| 21:39 \nSystem.Data.dll| 4.0.30319.36415| 3,238,064| 27-Jul-2018| 21:41 \nSystem.Data.dll| 4.0.30319.36415| 3,209,392| 27-Jul-2018| 21:39 \nSystem.Data.OracleClient.dll| 4.0.30319.36415| 510,176| 27-Jul-2018| 21:41 \nSystem.Data.OracleClient.dll| 4.0.30319.36415| 509,672| 27-Jul-2018| 21:39 \nSystem.Data.SqlXml.dll| 4.0.30319.36430| 752,312| 27-Jul-2018| 21:39 \nSystem.Deployment.dll| 4.0.30319.36415| 853,704| 27-Jul-2018| 21:39 \nSystem.Design.dll| 4.0.30319.36415| 5,056,176| 27-Jul-2018| 21:39 \nSystem.Device.dll| 4.0.30319.36415| 64,184| 27-Jul-2018| 21:39 \nSystem.DirectoryServices.dll| 4.0.30319.36415| 425,712| 27-Jul-2018| 21:39 \nSystem.DirectoryServices.Protocols.dll| 4.0.30319.36415| 203,056| 27-Jul-2018| 21:39 \nSystem.dll| 4.0.30319.36460| 3,490,240| 27-Jul-2018| 21:43 \nSystem.Drawing.Design.dll| 4.0.30319.36415| 113,888| 27-Jul-2018| 21:39 \nSystem.Drawing.dll| 4.0.30319.36415| 598,712| 27-Jul-2018| 21:39 \nSystem.Drawing.tlb| 4.0.30319.36415| 7,680| 27-Jul-2018| 21:41 \nSystem.Drawing.tlb| 4.0.30319.36415| 7,680| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.dll| 4.0.30319.36415| 248,040| 27-Jul-2018| 21:41 \nSystem.EnterpriseServices.dll| 4.0.30319.36415| 248,552| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.Thunk.dll| 4.0.30319.36415| 91,392| 27-Jul-2018| 21:41 \nSystem.EnterpriseServices.Thunk.dll| 4.0.30319.36415| 86,784| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.tlb| 4.0.30319.36415| 33,280| 27-Jul-2018| 21:41 \nSystem.EnterpriseServices.tlb| 4.0.30319.36415| 33,280| 27-Jul-2018| 21:39 \nSystem.EnterpriseServices.Wrapper.dll| 4.0.30319.36415| 125,440| 27-Jul-2018| 21:41 \nSystem.EnterpriseServices.Wrapper.dll| 4.0.30319.36415| 111,104| 27-Jul-2018| 21:39 \nSystem.IO.Compression.dll| 4.0.30319.36415| 71,896| 27-Jul-2018| 21:39 \nSystem.IO.Compression.FileSystem.dll| 4.0.30319.36415| 28,936| 27-Jul-2018| 21:39 \nSystem.Management.dll| 4.0.30319.36415| 417,480| 27-Jul-2018| 21:39 \nSystem.Messaging.dll| 4.0.30319.36415| 274,112| 27-Jul-2018| 21:39 \nSystem.Net.Http.dll| 4.0.30319.36415| 202,432| 27-Jul-2018| 21:39 \nSystem.Net.Http.WebRequest.dll| 4.0.30319.36415| 50,944| 27-Jul-2018| 21:39 \nSystem.Numerics.dll| 4.0.30319.36415| 86,208| 27-Jul-2018| 21:39 \nSystem.Reflection.context.dll| 4.0.30319.36415| 108,272| 27-Jul-2018| 21:39 \nSystem.Runtime.Remoting.dll| 4.0.30319.36415| 348,904| 27-Jul-2018| 21:39 \nSystem.Runtime.Serialization.Formatters.Soap.dll| 4.0.30319.36415| 142,192| 27-Jul-2018| 21:39 \nSystem.Security.dll| 4.0.30319.36440| 301,648| 27-Jul-2018| 21:39 \nSystem.ServiceProcess.dll| 4.0.30319.36415| 134,872| 27-Jul-2018| 21:39 \nSystem.tlb| 12.0.52415.36415| 71,168| 27-Jul-2018| 21:41 \nSystem.tlb| 12.0.52415.36415| 71,168| 27-Jul-2018| 21:39 \nSystem.Transactions.dll| 4.0.30319.36415| 292,560| 27-Jul-2018| 21:41 \nSystem.Transactions.dll| 4.0.30319.36415| 289,488| 27-Jul-2018| 21:39 \nSystem.Web.dll| 4.0.30319.36430| 5,458,064| 27-Jul-2018| 21:41 \nSystem.Web.dll| 4.0.30319.36430| 5,464,208| 27-Jul-2018| 21:39 \nSystem.Web.Mobile.dll| 4.0.30319.36415| 839,880| 27-Jul-2018| 21:39 \nSystem.Web.RegularExpressions.dll| 4.0.30319.36415| 107,768| 27-Jul-2018| 21:39 \nSystem.Web.Services.dll| 4.0.30319.36415| 858,320| 27-Jul-2018| 21:39 \nSystem.Web.tlb| 4.0.30319.36415| 6,144| 27-Jul-2018| 21:41 \nSystem.Web.tlb| 4.0.30319.36415| 6,144| 27-Jul-2018| 21:39 \nSystem.Windows.Controls.Ribbon.dll| 4.0.30319.36415| 751,512| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.dll| 4.0.30319.36415| 4,859,608| 27-Jul-2018| 21:39 \nSystem.Windows.Forms.tlb| 4.0.30319.36415| 85,504| 27-Jul-2018| 21:41 \nSystem.Windows.Forms.tlb| 4.0.30319.36415| 85,504| 27-Jul-2018| 21:39 \nSystem.Windows.Input.Manipulations.dll| 4.0.30319.36415| 68,520| 27-Jul-2018| 21:39 \nSystem.Windows.Presentation.dll| 4.0.30319.36415| 29,072| 27-Jul-2018| 21:39 \nSystem.Xaml.dll| 4.0.30319.36415| 640,672| 27-Jul-2018| 21:39 \nSystem.XML.dll| 4.0.30319.36430| 2,705,032| 27-Jul-2018| 21:39 \nTLBREF.DLL| 4.0.30319.36415| 115,352| 27-Jul-2018| 21:41 \nTLBREF.DLL| 4.0.30319.36415| 101,024| 27-Jul-2018| 21:39 \nSystem.Web.DataVisualization.dll| 4.0.30319.36415| 1,713,560| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Activities.Compiler.dll| 12.0.52415.36415| 4,008,232| 27-Jul-2018| 21:41 \nMicrosoft.VisualBasic.Activities.Compiler.dll| 12.0.52415.36415| 3,194,664| 27-Jul-2018| 21:39 \nvbc.exe| 12.0.52415.36415| 3,546,232| 27-Jul-2018| 21:41 \nvbc.exe| 12.0.52415.36415| 2,459,256| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Activities.CompilerUI.dll| 12.0.52415.36415| 272,184| 27-Jul-2018| 21:41 \nMicrosoft.VisualBasic.Activities.CompilerUI.dll| 12.0.52415.36415| 272,184| 27-Jul-2018| 21:39 \nvbc7ui.dll| 12.0.52415.36415| 271,512| 27-Jul-2018| 21:41 \nvbc7ui.dll| 12.0.52415.36415| 271,512| 27-Jul-2018| 21:39 \nAccessibility.dll| 4.0.30319.36415| 36,008| 27-Jul-2018| 21:39 \nAddInProcess.exe| 4.0.30319.36415| 42,104| 27-Jul-2018| 21:39 \nAddInProcess32.exe| 4.0.30319.36415| 42,104| 27-Jul-2018| 21:39 \nAddInUtil.exe| 4.0.30319.36415| 42,104| 27-Jul-2018| 21:39 \nAdoNetDiag.dll| 4.0.30319.36415| 188,072| 27-Jul-2018| 21:41 \nAdoNetDiag.dll| 4.0.30319.36415| 170,664| 27-Jul-2018| 21:39 \nalink.dll| 12.0.52415.36415| 145,048| 27-Jul-2018| 21:41 \nalink.dll| 12.0.52415.36415| 116,888| 27-Jul-2018| 21:39 \nalinkui.dll| 12.0.52415.36415| 35,488| 27-Jul-2018| 21:41 \nalinkui.dll| 12.0.52415.36415| 35,488| 27-Jul-2018| 21:39 \nAppLaunch.exe| 4.0.30319.36415| 115,832| 27-Jul-2018| 21:41 \nAppLaunch.exe| 4.0.30319.36415| 98,424| 27-Jul-2018| 21:39 \naspnet_compiler.exe| 4.0.30319.36415| 54,904| 27-Jul-2018| 21:41 \naspnet_compiler.exe| 4.0.30319.36415| 55,928| 27-Jul-2018| 21:39 \naspnet_counters.dll| 4.0.30319.36415| 29,888| 27-Jul-2018| 21:41 \naspnet_counters.dll| 4.0.30319.36415| 28,352| 27-Jul-2018| 21:39 \naspnet_filter.dll| 4.0.30319.36415| 37,560| 27-Jul-2018| 21:41 \naspnet_filter.dll| 4.0.30319.36415| 34,488| 27-Jul-2018| 21:39 \naspnet_isapi.dll| 4.0.30319.36415| 25,776| 27-Jul-2018| 21:41 \naspnet_isapi.dll| 4.0.30319.36415| 24,760| 27-Jul-2018| 21:39 \nAspnet_perf.dll| 4.0.30319.36430| 45,208| 27-Jul-2018| 21:41 \nAspnet_perf.dll| 4.0.30319.36430| 41,616| 27-Jul-2018| 21:39 \naspnet_perf.ini| | 997,498| 27-Jul-2018| 21:39 \naspnet_perf2.ini| | 995,542| 27-Jul-2018| 21:39 \naspnet_rc.dll| 4.0.30319.36415| 90,280| 27-Jul-2018| 21:41 \naspnet_rc.dll| 4.0.30319.36415| 90,280| 27-Jul-2018| 21:39 \naspnet_regbrowsers.exe| 4.0.30319.36415| 44,664| 27-Jul-2018| 21:41 \naspnet_regbrowsers.exe| 4.0.30319.36415| 45,176| 27-Jul-2018| 21:39 \naspnet_regiis.exe| 4.0.30319.36415| 43,640| 27-Jul-2018| 21:41 \naspnet_regiis.exe| 4.0.30319.36415| 41,080| 27-Jul-2018| 21:39 \naspnet_regsql.exe| 4.0.30319.36415| 127,096| 27-Jul-2018| 21:41 \naspnet_regsql.exe| 4.0.30319.36415| 127,608| 27-Jul-2018| 21:39 \naspnet_state.exe| 4.0.30319.36415| 50,808| 27-Jul-2018| 21:41 \naspnet_state.exe| 4.0.30319.36415| 45,688| 27-Jul-2018| 21:39 \naspnet_wp.exe| 4.0.30319.36430| 47,712| 27-Jul-2018| 21:41 \naspnet_wp.exe| 4.0.30319.36430| 43,104| 27-Jul-2018| 21:39 \nAspNetMMCExt.dll| 4.0.30319.36415| 509,624| 27-Jul-2018| 21:39 \nCasPol.exe| 4.0.30319.36415| 107,640| 27-Jul-2018| 21:41 \nCasPol.exe| 4.0.30319.36415| 108,152| 27-Jul-2018| 21:39 \nclr.dll| 4.0.30319.36460| 10,070,120| 27-Jul-2018| 22:28 \nclr.dll| 4.0.30319.36460| 6,939,640| 27-Jul-2018| 21:43 \nCLR-ETW.man| | 303,557| 27-Jul-2018| 21:41 \nCLR-ETW.man| | 303,549| 27-Jul-2018| 21:39 \nclrcompression.dll| 4.0.30319.36415| 122,048| 27-Jul-2018| 21:41 \nclrcompression.dll| 4.0.30319.36415| 106,688| 27-Jul-2018| 21:39 \nclretwrc.dll| 4.0.30319.36415| 228,008| 27-Jul-2018| 21:41 \nclretwrc.dll| 4.0.30319.36415| 228,008| 27-Jul-2018| 21:39 \nclrjit.dll| 4.0.30319.36460| 1,234,552| 27-Jul-2018| 22:28 \nclrjit.dll| 4.0.30319.36460| 510,464| 27-Jul-2018| 21:43 \nComSvcConfig.exe| 4.0.30319.36415| 176,760| 27-Jul-2018| 21:39 \nCORPerfMonExt.dll| 4.0.30319.36415| 153,784| 27-Jul-2018| 21:41 \nCORPerfMonExt.dll| 4.0.30319.36415| 127,672| 27-Jul-2018| 21:39 \ncorperfmonsymbols.ini| | 1,516,922| 27-Jul-2018| 21:39 \ncsc.exe| 4.0.30319.36415| 2,637,432| 27-Jul-2018| 21:41 \ncsc.exe| 4.0.30319.36415| 1,853,048| 27-Jul-2018| 21:39 \ncscui.dll| 4.0.30319.36415| 203,416| 27-Jul-2018| 21:41 \ncscui.dll| 4.0.30319.36415| 203,416| 27-Jul-2018| 21:39 \nCulture.dll| 4.0.30319.36415| 63,648| 27-Jul-2018| 21:41 \nCulture.dll| 4.0.30319.36415| 54,432| 27-Jul-2018| 21:39 \nCustomMarshalers.dll| 4.0.30319.36415| 104,648| 27-Jul-2018| 21:41 \nCustomMarshalers.dll| 4.0.30319.36415| 95,936| 27-Jul-2018| 21:39 \ncvtres_clr.exe| 12.0.52415.36415| 46,712| 27-Jul-2018| 21:41 \ncvtres_clr.exe| 12.0.52415.36415| 43,128| 27-Jul-2018| 21:39 \ncvtresui_clr.dll| 12.0.52415.36415| 20,144| 27-Jul-2018| 21:41 \ncvtresui_clr.dll| 12.0.52415.36415| 20,144| 27-Jul-2018| 21:39 \nDataSvcUtil.exe| 4.0.30319.36415| 73,336| 27-Jul-2018| 21:39 \ndfdll.dll| 4.0.30319.36415| 165,528| 27-Jul-2018| 21:41 \ndfdll.dll| 4.0.30319.36415| 141,976| 27-Jul-2018| 21:39 \ndfshim.dll.mui| 4.0.41209.0| 18,608| 27-Jul-2018| 21:41 \ndfshim.dll.mui| 4.0.41209.0| 18,600| 27-Jul-2018| 21:39 \ndfsvc.exe| 4.0.30319.36415| 23,160| 27-Jul-2018| 21:39 \ndiasymreader.dll| 12.0.52415.36415| 1,068,208| 27-Jul-2018| 21:41 \ndiasymreader.dll| 12.0.52415.36415| 859,824| 27-Jul-2018| 21:39 \ndw20.exe| 4.0.30319.36415| 51,320| 27-Jul-2018| 21:41 \ndw20.exe| 4.0.30319.36415| 45,176| 27-Jul-2018| 21:39 \nEdmGen.exe| 4.0.30319.36415| 85,624| 27-Jul-2018| 21:39 \nEventLogMessages.dll| 4.0.30319.36415| 804,552| 27-Jul-2018| 21:41 \nEventLogMessages.dll| 4.0.30319.36415| 804,552| 27-Jul-2018| 21:39 \nfiletracker.dll| 12.0.52415.36415| 262,832| 27-Jul-2018| 21:41 \nfiletracker.dll| 12.0.52415.36415| 226,992| 27-Jul-2018| 21:39 \nFileTrackerUI.dll| 12.0.52415.36415| 21,688| 27-Jul-2018| 21:41 \nFileTrackerUI.dll| 12.0.52415.36415| 21,688| 27-Jul-2018| 21:39 \nfusion.dll| 4.0.30319.36415| 92,832| 27-Jul-2018| 21:41 \nfusion.dll| 4.0.30319.36415| 74,904| 27-Jul-2018| 21:39 \nie.browser| | 5,166| 27-Jul-2018| 21:41 \nie.browser| | 5,166| 27-Jul-2018| 21:39 \nilasm.exe| 4.0.30319.36415| 363,640| 27-Jul-2018| 21:41 \nilasm.exe| 4.0.30319.36415| 297,080| 27-Jul-2018| 21:39 \nInstallPersistSqlState.sql| | 54,647| 27-Jul-2018| 21:41 \nInstallPersistSqlState.sql| | 54,647| 27-Jul-2018| 21:39 \nInstallSqlState.sql| | 54,427| 27-Jul-2018| 21:41 \nInstallSqlState.sql| | 54,427| 27-Jul-2018| 21:39 \nInstallSqlStateTemplate.sql| | 56,233| 27-Jul-2018| 21:41 \nInstallSqlStateTemplate.sql| | 56,233| 27-Jul-2018| 21:39 \nInstallUtil.exe| 4.0.30319.36415| 40,056| 27-Jul-2018| 21:41 \nInstallUtil.exe| 4.0.30319.36415| 40,568| 27-Jul-2018| 21:39 \nInstallUtilLib.dll| 4.0.30319.36415| 76,472| 27-Jul-2018| 21:41 \nInstallUtilLib.dll| 4.0.30319.36415| 68,280| 27-Jul-2018| 21:39 \nISymWrapper.dll| 4.0.30319.36415| 71,856| 27-Jul-2018| 21:41 \nISymWrapper.dll| 4.0.30319.36415| 71,856| 27-Jul-2018| 21:39 \njsc.exe| 12.0.52415.36415| 47,224| 27-Jul-2018| 21:39 \nlocale.nlp| | 419,632| 27-Jul-2018| 21:41 \nlocale.nlp| | 419,632| 27-Jul-2018| 21:39 \nMicrosoft.Activities.Build.dll| 4.0.30319.36415| 54,160| 27-Jul-2018| 21:39 \nMicrosoft.Build.Conversion.v4.0.dll| 4.0.30319.36415| 85,248| 27-Jul-2018| 21:39 \nMicrosoft.Build.dll| 4.0.30319.36415| 1,448,128| 27-Jul-2018| 21:39 \nMicrosoft.Build.Engine.dll| 4.0.30319.36415| 668,376| 27-Jul-2018| 21:39 \nMicrosoft.Build.Framework.dll| 4.0.30319.36415| 101,608| 27-Jul-2018| 21:39 \nMicrosoft.Build.Tasks.v4.0.dll| 4.0.30319.36415| 1,191,152| 27-Jul-2018| 21:39 \nMicrosoft.Build.Utilities.v4.0.dll| 4.0.30319.36415| 273,664| 27-Jul-2018| 21:39 \nMicrosoft.Common.OverrideTasks| | 6,297| 27-Jul-2018| 21:41 \nMicrosoft.Common.OverrideTasks| | 6,297| 27-Jul-2018| 21:39 \nMicrosoft.Common.targets| | 262,547| 27-Jul-2018| 21:41 \nMicrosoft.Common.targets| | 262,547| 27-Jul-2018| 21:39 \nMicrosoft.CSharp.dll| 4.0.30319.36415| 492,224| 27-Jul-2018| 21:39 \nMicrosoft.Data.Entity.Build.Tasks.dll| 4.0.30319.36415| 53,000| 27-Jul-2018| 21:39 \nMicrosoft.Data.Entity.targets| | 6,501| 27-Jul-2018| 21:43 \nMicrosoft.Internal.Tasks.Dataflow.dll| 4.0.30319.36415| 184,584| 27-Jul-2018| 21:39 \nMicrosoft.Transactions.Bridge.dll| 4.0.30319.36415| 407,824| 27-Jul-2018| 21:39 \nMicrosoft.Transactions.Bridge.Dtc.dll| 4.0.30319.36415| 131,848| 27-Jul-2018| 21:41 \nMicrosoft.Transactions.Bridge.Dtc.dll| 4.0.30319.36415| 131,336| 27-Jul-2018| 21:39 \nMicrosoft.VisualC.STLCLR.dll| 12.0.52415.36415| 50,920| 27-Jul-2018| 21:39 \nMicrosoft.Windows.ApplicationServer.Applications.dll| 4.0.30319.36415| 141,192| 27-Jul-2018| 21:39 \nMicrosoft.Windows.ApplicationServer.Applications.dll.mui| 4.0.30319.36415| 99,168| 27-Jul-2018| 21:41 \nMicrosoft.Windows.ApplicationServer.Applications.dll.mui| 4.0.30319.36415| 99,160| 27-Jul-2018| 21:39 \nMicrosoft.WinFX.targets| | 42,213| 27-Jul-2018| 21:41 \nMicrosoft.WinFX.targets| | 42,213| 27-Jul-2018| 21:39 \nMicrosoft.Workflow.Compiler.exe| 4.0.30319.36415| 32,888| 27-Jul-2018| 21:39 \nMicrosoft.WorkflowBuildExtensions.targets| | 7,537| 27-Jul-2018| 21:39 \nMicrosoft.Xaml.targets| | 19,848| 27-Jul-2018| 21:41 \nMicrosoft.Xaml.targets| | 19,848| 27-Jul-2018| 21:39 \nmicrosoft.build.commontypes.xsd| | 241,004| 27-Jul-2018| 21:41 \nmicrosoft.build.commontypes.xsd| | 241,004| 27-Jul-2018| 21:39 \nMicrosoft.JScript.dll| 12.0.52415.36415| 758,984| 27-Jul-2018| 21:39 \nMicrosoft.JScript.tlb| 12.0.52415.36415| 57,856| 27-Jul-2018| 21:41 \nMicrosoft.JScript.tlb| 12.0.52415.36415| 57,856| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Compatibility.Data.dll| 12.0.52415.36415| 108,840| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.Compatibility.dll| 12.0.52415.36415| 360,208| 27-Jul-2018| 21:39 \nMicrosoft.VisualBasic.dll| 12.0.52415.36415| 651,488| 27-Jul-2018| 21:39 \nMicrosoft.VisualC.Dll| 12.0.52415.36415| 30,408| 27-Jul-2018| 21:39 \nMmcAspExt.dll| 4.0.30319.36415| 113,320| 27-Jul-2018| 21:41 \nMmcAspExt.dll| 4.0.30319.36415| 107,176| 27-Jul-2018| 21:39 \nMSBuild.exe| 4.0.30319.36415| 263,288| 27-Jul-2018| 21:41 \nMSBuild.exe| 4.0.30319.36415| 267,896| 27-Jul-2018| 21:39 \nmscordacwks.dll| 4.0.30319.36460| 1,731,208| 27-Jul-2018| 22:28 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 27-Jul-2018| 21:43 \nmscordbi.dll| 4.0.30319.36460| 1,533,568| 27-Jul-2018| 22:28 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 27-Jul-2018| 21:43 \nmscoree.tlb| 4.0.30319.36415| 30,720| 27-Jul-2018| 21:41 \nmscoree.tlb| 4.0.30319.36415| 30,720| 27-Jul-2018| 21:39 \nmscoreei.dll| 4.0.30319.36415| 636,072| 27-Jul-2018| 21:41 \nmscoreei.dll| 4.0.30319.36415| 516,264| 27-Jul-2018| 21:39 \nmscoreeis.dll| 4.0.30319.36415| 32,936| 27-Jul-2018| 21:41 \nmscoreeis.dll| 4.0.30319.36415| 32,936| 27-Jul-2018| 21:39 \nmscorlib.dll| 4.0.30319.36460| 5,219,968| 27-Jul-2018| 22:28 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 27-Jul-2018| 21:43 \nmscorpe.dll| 4.0.30319.36415| 85,152| 27-Jul-2018| 21:41 \nmscorpe.dll| 4.0.30319.36415| 75,424| 27-Jul-2018| 21:39 \nmscorpehost.dll| 4.0.30319.36415| 169,648| 27-Jul-2018| 21:41 \nmscorpehost.dll| 4.0.30319.36415| 139,952| 27-Jul-2018| 21:39 \nmscorrc.dll| 4.0.30319.36415| 395,936| 27-Jul-2018| 21:41 \nmscorrc.dll| 4.0.30319.36415| 395,936| 27-Jul-2018| 21:39 \nmscorsecimpl.dll| 4.0.30319.36415| 127,160| 27-Jul-2018| 21:41 \nmscorsecimpl.dll| 4.0.30319.36415| 104,632| 27-Jul-2018| 21:39 \nmscorsecr.dll| 4.0.30319.36415| 38,056| 27-Jul-2018| 21:41 \nmscorsecr.dll| 4.0.30319.36415| 38,056| 27-Jul-2018| 21:39 \nmscorsn.dll| 4.0.30319.36415| 26,272| 27-Jul-2018| 21:41 \nmscorsn.dll| 4.0.30319.36415| 25,760| 27-Jul-2018| 21:39 \nmscorsvc.dll| 4.0.30319.36415| 523,424| 27-Jul-2018| 21:41 \nmscorsvc.dll| 4.0.30319.36415| 414,880| 27-Jul-2018| 21:39 \nmscorsvw.exe| 4.0.30319.36415| 124,024| 27-Jul-2018| 21:41 \nmscorsvw.exe| 4.0.30319.36415| 103,552| 27-Jul-2018| 21:39 \nVsVersion.dll| 12.0.52415.36415| 18,088| 27-Jul-2018| 21:41 \nVsVersion.dll| 12.0.52415.36415| 18,088| 27-Jul-2018| 21:39 \nngen.exe| 4.0.30319.36415| 171,128| 27-Jul-2018| 21:41 \nngen.exe| 4.0.30319.36415| 140,920| 27-Jul-2018| 21:39 \nnlssorting.dll| 4.0.30319.36415| 84,144| 27-Jul-2018| 21:41 \nnlssorting.dll| 4.0.30319.36415| 74,928| 27-Jul-2018| 21:39 \nnormalization.dll| 4.0.30319.36415| 34,488| 27-Jul-2018| 21:41 \nnormalization.dll| 4.0.30319.36415| 31,416| 27-Jul-2018| 21:39 \nPenIMC.dll| 4.0.30319.36415| 94,872| 27-Jul-2018| 21:41 \nPenIMC.dll| 4.0.30319.36415| 81,560| 27-Jul-2018| 21:39 \nPerfCounter.dll| 4.0.30319.36415| 241,840| 27-Jul-2018| 21:41 \nPerfCounter.dll| 4.0.30319.36415| 204,464| 27-Jul-2018| 21:39 \npeverify.dll| 4.0.30319.36460| 225,920| 27-Jul-2018| 22:28 \npeverify.dll| 4.0.30319.36460| 163,968| 27-Jul-2018| 21:43 \nPresentationBuildTasks.dll| 4.0.30319.36415| 604,536| 27-Jul-2018| 21:39 \nPresentationCore.dll| 4.0.30319.36415| 3,210,952| 27-Jul-2018| 21:41 \nPresentationCore.dll| 4.0.30319.36415| 3,226,976| 27-Jul-2018| 21:39 \nPresentationFramework.Aero.dll| 4.0.30319.36415| 249,232| 27-Jul-2018| 21:39 \npresentationframework.aerolite.dll| 4.0.30319.36415| 177,560| 27-Jul-2018| 21:39 \nPresentationFramework.Classic.dll| 4.0.30319.36415| 181,144| 27-Jul-2018| 21:39 \nPresentationFramework.Luna.dll| 4.0.30319.36415| 484,752| 27-Jul-2018| 21:39 \nPresentationFramework.Royale.dll| 4.0.30319.36415| 208,272| 27-Jul-2018| 21:39 \nPresentationFramework.dll| 4.0.30319.36415| 6,221,688| 27-Jul-2018| 21:39 \nPresentationFramework-SystemCore.dll| 4.0.30319.36415| 25,352| 27-Jul-2018| 21:39 \nPresentationFramework-SystemData.dll| 4.0.30319.36415| 23,816| 27-Jul-2018| 21:39 \nPresentationFramework-SystemDrawing.dll| 4.0.30319.36415| 24,336| 27-Jul-2018| 21:39 \nPresentationFramework-SystemXml.dll| 4.0.30319.36415| 24,832| 27-Jul-2018| 21:39 \nPresentationFramework-SystemXmlLinq.dll| 4.0.30319.36415| 22,800| 27-Jul-2018| 21:39 \nPresentationHost_v0400.dll| 4.0.30319.36415| 232,152| 27-Jul-2018| 21:41 \nPresentationHost_v0400.dll.mui| 4.0.30319.36415| 84,712| 27-Jul-2018| 21:41 \nPresentationHost_v0400.dll| 4.0.30319.36415| 186,072| 27-Jul-2018| 21:39 \nPresentationHost_v0400.dll.mui| 4.0.30319.36415| 84,720| 27-Jul-2018| 21:39 \nPresentationNative_v0400.dll| 4.0.30319.36415| 1,077,992| 27-Jul-2018| 21:41 \nPresentationNative_v0400.dll| 4.0.30319.36415| 790,248| 27-Jul-2018| 21:39 \nPresentationUI.dll| 4.0.30319.36415| 847,032| 27-Jul-2018| 21:39 \nReachFramework.dll| 4.0.30319.36415| 595,288| 27-Jul-2018| 21:39 \nRegAsm.exe| 4.0.30319.36415| 64,120| 27-Jul-2018| 21:41 \nRegAsm.exe| 4.0.30319.36415| 64,632| 27-Jul-2018| 21:39 \nRegSvcs.exe| 4.0.30319.36415| 44,664| 27-Jul-2018| 21:41 \nRegSvcs.exe| 4.0.30319.36415| 45,176| 27-Jul-2018| 21:39 \nregtlib.exe| 12.0.52415.36415| 94,328| 27-Jul-2018| 21:41 \nregtlib.exe| 12.0.52415.36415| 84,600| 27-Jul-2018| 21:39 \nsbscmp10.dll| 4.0.41209.0| 24,232| 27-Jul-2018| 21:41 \nsbscmp10.dll| 4.0.41209.0| 23,720| 27-Jul-2018| 21:39 \nServiceModelEvents.dll| 4.0.30319.36415| 18,128| 27-Jul-2018| 21:41 \nServiceModelEvents.dll.mui| 4.0.30319.36415| 43,736| 27-Jul-2018| 21:41 \nServiceModelEvents.dll.mui| 4.0.30319.36415| 43,744| 27-Jul-2018| 21:39 \nServiceModelEvents.dll| 4.0.30319.36415| 18,128| 27-Jul-2018| 21:39 \nServiceModelInstallRC.dll| 4.0.30319.36415| 18,136| 27-Jul-2018| 21:41 \nServiceModelInstallRC.dll.mui| 4.0.30319.36415| 19,688| 27-Jul-2018| 21:41 \nServiceModelInstallRC.dll.mui| 4.0.30319.36415| 19,688| 27-Jul-2018| 21:39 \nServiceModelInstallRC.dll| 4.0.30319.36415| 18,136| 27-Jul-2018| 21:39 \nServiceModelPerformanceCounters.dll| 4.0.30319.36415| 86,784| 27-Jul-2018| 21:41 \nServiceModelPerformanceCounters.dll.mui| 4.0.30319.36415| 47,376| 27-Jul-2018| 21:41 \nServiceModelPerformanceCounters.dll.mui| 4.0.30319.36415| 47,376| 27-Jul-2018| 21:39 \nServiceModelPerformanceCounters.dll| 4.0.30319.36415| 77,056| 27-Jul-2018| 21:39 \nServiceModelReg.exe| 4.0.30319.36415| 263,288| 27-Jul-2018| 21:41 \nServiceModelReg.exe| 4.0.30319.36415| 226,424| 27-Jul-2018| 21:39 \nServiceModelRegUI.dll| 4.0.30319.36415| 18,120| 27-Jul-2018| 21:41 \nServiceModelRegUI.dll.mui| 4.0.30319.36415| 37,592| 27-Jul-2018| 21:41 \nServiceModelRegUI.dll.mui| 4.0.30319.36415| 37,592| 27-Jul-2018| 21:39 \nServiceModelRegUI.dll| 4.0.30319.36415| 18,120| 27-Jul-2018| 21:39 \nServiceMonikerSupport.dll| 4.0.30319.36450| 28,872| 27-Jul-2018| 21:41 \nServiceMonikerSupport.dll| 4.0.30319.36450| 28,360| 27-Jul-2018| 21:39 \nSMDiagnostics.dll| 4.0.30319.36450| 73,328| 27-Jul-2018| 21:39 \nSMSvcHost.exe| 4.0.30319.36415| 139,896| 27-Jul-2018| 21:39 \nSOS.dll| 4.0.30319.36460| 822,888| 27-Jul-2018| 22:28 \nSOS.dll| 4.0.30319.36460| 762,472| 27-Jul-2018| 21:43 \nSystem.Speech.dll| 4.0.30319.36415| 686,424| 27-Jul-2018| 21:39 \nsysglobl.dll| 4.0.30319.36415| 133,264| 27-Jul-2018| 21:39 \nSystem.Activities.Core.Presentation.dll| 4.0.30319.36415| 718,256| 27-Jul-2018| 21:39 \nSystem.Activities.dll| 4.0.30319.36450| 1,582,704| 27-Jul-2018| 21:39 \nSystem.Activities.DurableInstancing.dll| 4.0.30319.36415| 144,176| 27-Jul-2018| 21:39 \nSystem.Activities.Presentation.dll| 4.0.30319.36415| 2,140,568| 27-Jul-2018| 21:39 \nSystem.AddIn.Contract.dll| 4.0.30319.36415| 52,440| 27-Jul-2018| 21:39 \nSystem.AddIn.dll| 4.0.30319.36415| 163,512| 27-Jul-2018| 21:39 \nSystem.Collections.Concurrent.dll| 4.0.30319.36415| 29,456| 27-Jul-2018| 21:39 \nSystem.Collections.dll| 4.0.30319.36415| 29,896| 27-Jul-2018| 21:39 \nSystem.ComponentModel.Annotations.dll| 4.0.30319.36415| 29,992| 27-Jul-2018| 21:39 \nSystem.ComponentModel.Composition.dll| 4.0.30319.36415| 312,104| 27-Jul-2018| 21:39 \nsystem.componentmodel.composition.registration.dll| 4.0.30319.36415| 62,848| 27-Jul-2018| 21:39 \nSystem.ComponentModel.DataAnnotations.dll| 4.0.30319.36415| 120,640| 27-Jul-2018| 21:39 \nSystem.ComponentModel.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.ComponentModel.EventBasedAsync.dll| 4.0.30319.36415| 29,504| 27-Jul-2018| 21:39 \nSystem.Core.dll| 4.0.30319.36415| 1,271,976| 27-Jul-2018| 21:39 \nSystem.Data.DataSetExtensions.dll| 4.0.30319.36415| 72,464| 27-Jul-2018| 21:39 \nSystem.Data.Entity.Design.dll| 4.0.30319.36415| 1,087,208| 27-Jul-2018| 21:39 \nSystem.Data.Entity.dll| 4.0.30319.36415| 4,099,280| 27-Jul-2018| 21:39 \nSystem.Data.Linq.dll| 4.0.30319.36415| 698,568| 27-Jul-2018| 21:39 \nUIAutomationClient.dll| 4.0.30319.36415| 178,536| 27-Jul-2018| 21:39 \nUIAutomationClientsideProviders.dll| 4.0.30319.36415| 365,984| 27-Jul-2018| 21:39 \nUIAutomationProvider.dll| 4.0.30319.36415| 48,496| 27-Jul-2018| 21:39 \nUIAutomationTypes.dll| 4.0.30319.36415| 105,832| 27-Jul-2018| 21:39 \nwebengine.dll| 4.0.30319.36430| 26,768| 27-Jul-2018| 21:41 \nwebengine.dll| 4.0.30319.36430| 24,720| 27-Jul-2018| 21:39 \nwebengine4.dll| 4.0.30319.36430| 621,200| 27-Jul-2018| 21:41 \nwebengine4.dll| 4.0.30319.36430| 509,584| 27-Jul-2018| 21:39 \nWindowsBase.dll| 4.0.30319.36415| 1,241,936| 27-Jul-2018| 21:39 \nWindowsFormsIntegration.dll| 4.0.30319.36415| 102,784| 27-Jul-2018| 21:39 \nWMINet_Utils.dll| 4.0.30319.36415| 174,256| 27-Jul-2018| 21:41 \nWMINet_Utils.dll| 4.0.30319.36415| 126,136| 27-Jul-2018| 21:39 \nWorkflowServiceHostPerformanceCounters.dll| 4.0.30319.36450| 84,776| 27-Jul-2018| 21:41 \nWorkflowServiceHostPerformanceCounters.dll.mui| 4.0.30319.36415| 24,368| 27-Jul-2018| 21:41 \nWorkflowServiceHostPerformanceCounters.dll.mui| 4.0.30319.36415| 24,368| 27-Jul-2018| 21:39 \nWorkflowServiceHostPerformanceCounters.dll| 4.0.30319.36450| 75,536| 27-Jul-2018| 21:39 \nwpf-etw.man| | 151,330| 27-Jul-2018| 21:39 \nWPFFontCache_v0400.exe.mui| 4.0.30319.36415| 19,168| 27-Jul-2018| 21:41 \nWPFFontCache_v0400.exe.mui| 4.0.30319.36415| 19,168| 27-Jul-2018| 21:39 \nWPFFontCache_v0400.exe| 4.0.30319.36415| 25,720| 27-Jul-2018| 21:41 \nWPFFontCache_v0400.exe| 4.0.30319.36415| 24,696| 27-Jul-2018| 21:39 \nwpfgfx_v0400.dll| 4.0.30319.36415| 2,108,592| 27-Jul-2018| 21:41 \nwpfgfx_v0400.dll| 4.0.30319.36415| 1,648,304| 27-Jul-2018| 21:39 \nWsatConfig.exe| 4.0.30319.36415| 155,256| 27-Jul-2018| 21:39 \nXamlBuildTask.dll| 4.0.30319.36415| 133,976| 27-Jul-2018| 21:39 \nXsdBuildTask.dll| 4.0.30319.36415| 68,280| 27-Jul-2018| 21:39 \nThirdPartyNotices.txt| | 20,126| 27-Jul-2018| 21:43 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 678,584| 27-Jul-2018| 22:28 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 27-Jul-2018| 21:43 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 869,536| 27-Jul-2018| 22:28 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 27-Jul-2018| 21:43 \nSystem.Data.Services.Client.dll| 4.0.30319.36415| 448,240| 27-Jul-2018| 21:39 \nSystem.Data.Services.Design.dll| 4.0.30319.36415| 176,368| 27-Jul-2018| 21:39 \nSystem.Data.Services.dll| 4.0.30319.36415| 684,248| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Contracts.dll| 4.0.30319.36415| 29,960| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Debug.dll| 4.0.30319.36415| 29,424| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Tools.dll| 4.0.30319.36415| 29,424| 27-Jul-2018| 21:39 \nSystem.Diagnostics.Tracing.dll| 4.0.30319.36415| 29,440| 27-Jul-2018| 21:39 \nSystem.DirectoryServices.AccountManagement.dll| 4.0.30319.36415| 297,776| 27-Jul-2018| 21:39 \nsystem.dynamic.dll| 4.0.30319.36415| 134,320| 27-Jul-2018| 21:39 \nSystem.Dynamic.Runtime.dll| 4.0.30319.36415| 29,928| 27-Jul-2018| 21:39 \nSystem.Globalization.dll| 4.0.30319.36415| 29,400| 27-Jul-2018| 21:39 \nSystem.IdentityModel.dll| 4.0.30319.36450| 1,093,784| 27-Jul-2018| 21:39 \nSystem.IdentityModel.Selectors.dll| 4.0.30319.36415| 145,680| 27-Jul-2018| 21:39 \nSystem.IdentityModel.Services.dll| 4.0.30319.36450| 199,912| 27-Jul-2018| 21:39 \nSystem.IO.dll| 4.0.30319.36415| 29,336| 27-Jul-2018| 21:39 \nSystem.IO.Log.dll| 4.0.30319.36415| 134,992| 27-Jul-2018| 21:39 \nSystem.Linq.dll| 4.0.30319.36415| 29,344| 27-Jul-2018| 21:39 \nSystem.Linq.Expressions.dll| 4.0.30319.36415| 31,472| 27-Jul-2018| 21:39 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 SP2 (KB 4344149)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344149", "href": "https://support.microsoft.com/en-us/help/4344149", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:36:21", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"_blank\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span>All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/2919355\" target=\"_blank\">2919355</a> to be installed. We recommend that you install update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/2919355\" target=\"_blank\">2919355</a> on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future</span></span></span>.<span><span><span><span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344153\" managed-link=\"\" target=\"_blank\">4344153</a> Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344153)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344147\" managed-link=\"\" target=\"_blank\">4344147</a> Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB 4344147)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344145\" managed-link=\"\" target=\"_blank\">4344145</a> Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344145)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:07:56", "type": "mskb", "title": "Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4345592)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:07:56", "id": "KB4345592", "href": "https://support.microsoft.com/en-us/help/4345592/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:37", "description": "None\n## Summary\n\nThis update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2008, see the following article in the Microsoft Knowledge Base:[4345593](<https://support.microsoft.com/help/4345593>) Security and Quality updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4345593)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345593** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [4340559](<https://support.microsoft.com/help/4340559>) and [4291501](<https://support.microsoft.com/help/4291501>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4344151-ia64.msu| 649A2F83AE89D6BDFDC71ACF4451D5F6364A301A| A715BA6DFCB80452DD4C95C454F41AE2F4E249B284D3EE9108E976C0F49AD57A \nWindows6.0-KB4344151-x64.msu| 9A1876FE31C0D20D4335A7829CD910BC7C491412| FA44072F14FB2E90A88D7E961F666D29EF0FBBB3EFF5A027714C1216FD649038 \nWindows6.0-KB4344151-x86.msu| 1878960CAB9D340FC7EC5FA8A7CF4460F6C562F6| 762D9F58572279E5104037DB27C2797B4F0A453569A8764734AF25D78D0BDF81 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.resources.dll| 2.0.50727.4016| 352,256| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 425,984| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 331,776| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 348,160| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 319,488| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 290,816| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 397,312| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 16-Nov-2017| 03:47 \nreachframework.dll| 3.0.6920.8773| 532,480| 16-Nov-2017| 03:47 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 13:07 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 13:07 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 28-Apr-2018| 13:08 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:07 \nsystem.management.dll| 2.0.50727.8766| 389,120| 16-Nov-2017| 03:47 \nsystem.resources.dll| 2.0.50727.4016| 241,664| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 294,912| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 221,184| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 233,472| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 196,608| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 266,240| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 16-Nov-2017| 03:47 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 13:11 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 16-Nov-2017| 03:47 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:07 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:07 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:07 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 28-Apr-2018| 13:08 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 16-Nov-2017| 03:47 \nbig5.nlp| | 66,728| 21-Nov-2017| 04:33 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:33 \nksc.nlp| | 116,756| 21-Nov-2017| 04:33 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:33 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:33 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:33 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:33 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:33 \nprc.nlp| | 83,748| 21-Nov-2017| 04:33 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:33 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:33 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:33 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:33 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 16-Nov-2017| 03:47 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \nwebengine.dll| 2.0.50727.8762| 437,400| 16-Nov-2017| 03:47 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 16-Nov-2017| 03:47 \npresentationcore.dll| 3.0.6920.8773| 4,222,976| 16-Nov-2017| 03:47 \npresentationfontcache.exe.config| | 161| 16-Nov-2017| 03:47 \nwpfgfx_v0300.dll| 3.0.6920.8773| 1,737,888| 16-Nov-2017| 03:47 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 16-Nov-2017| 03:47 \nsystem.printing.dll| 3.0.6920.8773| 372,736| 16-Nov-2017| 03:47 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 16-Nov-2017| 03:47 \nservicemodel.mof| | 85,113| 16-Nov-2017| 03:47 \nservicemodel.mof.uninstall| | 896| 16-Nov-2017| 03:47 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 13:07 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \npenimc.dll| 3.0.6920.8773| 68,752| 16-Nov-2017| 03:47 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 16-Nov-2017| 03:47 \npresentationhostdll.dll| 3.0.6920.8773| 131,248| 16-Nov-2017| 03:47 \nreachframework.dll| 3.0.6920.8773| 532,480| 16-Nov-2017| 03:47 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 16-Nov-2017| 03:47 \nxpsviewer.exe| 3.0.6920.8773| 299,648| 16-Nov-2017| 03:47 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:07 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:07 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:07 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 21-Nov-2017| 04:32 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:32 \nksc.nlp| | 116,756| 21-Nov-2017| 04:32 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:32 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:32 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:32 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:32 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:32 \nprc.nlp| | 83,748| 21-Nov-2017| 04:32 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:32 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:32 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:32 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:32 \naspnet_wp.exe| 2.0.50727.8762| 43,160| 16-Nov-2017| 03:47 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 15:10 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 28-Apr-2018| 13:08 \nsystem.management.dll| 2.0.50727.8766| 389,120| 16-Nov-2017| 03:47 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 16-Nov-2017| 03:47 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 18:26 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 16-Nov-2017| 03:47 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 28-Apr-2018| 13:08 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nwebengine.dll| 2.0.50727.8762| 746,648| 16-Nov-2017| 03:47 \nwminet_utils.dll| 2.0.50727.8766| 140,960| 16-Nov-2017| 03:47 \npresentationcore.dll| 3.0.6920.8773| 4,006,400| 16-Nov-2017| 03:47 \npresentationfontcache.exe.config| | 161| 16-Nov-2017| 03:47 \nwpfgfx_v0300.dll| 3.0.6920.8773| 2,256,032| 16-Nov-2017| 03:47 \nsystem.data.dll| 2.0.50727.8762| 3,150,336| 16-Nov-2017| 03:47 \nsystem.printing.dll| 3.0.6920.8773| 358,400| 16-Nov-2017| 03:47 \nsystem.web.dll| 2.0.50727.8762| 5,296,128| 16-Nov-2017| 03:47 \nservicemodel.mof| | 85,113| 16-Nov-2017| 03:47 \nservicemodel.mof.uninstall| | 896| 16-Nov-2017| 03:47 \nservicemonikersupport.dll| 3.0.4506.8800| 20,144| 11-Jun-2018| 13:07 \nsmdiagnostics.dll| 3.0.4506.8800| 94,208| 11-Jun-2018| 13:07 \nsmsvchost.exe| 3.0.4506.8800| 117,376| 11-Jun-2018| 13:07 \nsystem.identitymodel.dll| 3.0.4506.8800| 405,504| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:07 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:07 \npenimc.dll| 3.0.6920.8773| 85,648| 16-Nov-2017| 03:47 \npresentationframework.dll| 3.0.6920.8773| 4,640,768| 16-Nov-2017| 03:47 \npresentationhostdll.dll| 3.0.6920.8773| 172,208| 16-Nov-2017| 03:47 \nreachframework.dll| 3.0.6920.8773| 532,480| 16-Nov-2017| 03:47 \nwindowsbase.dll| 3.0.6920.8773| 1,118,208| 16-Nov-2017| 03:47 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,060,864| 11-Jun-2018| 13:07 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,519,616| 11-Jun-2018| 13:07 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 454,656| 11-Jun-2018| 13:07 \nmscorlib.resources.dll| 2.0.50727.4016| 352,256| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 425,984| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 331,776| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 348,160| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 319,488| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 290,816| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 397,312| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 16-Nov-2017| 03:47 \nreachframework.dll| 3.0.6920.8773| 532,480| 16-Nov-2017| 03:47 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 13:07 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 13:07 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 28-Apr-2018| 13:08 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:07 \nsystem.management.dll| 2.0.50727.8766| 389,120| 16-Nov-2017| 03:47 \nsystem.resources.dll| 2.0.50727.4016| 241,664| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 294,912| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 221,184| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 233,472| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 196,608| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 266,240| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 16-Nov-2017| 03:47 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 13:11 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 16-Nov-2017| 03:47 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:07 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:07 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:07 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 28-Apr-2018| 13:08 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 16-Nov-2017| 03:47 \nbig5.nlp| | 66,728| 21-Nov-2017| 04:33 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:33 \nksc.nlp| | 116,756| 21-Nov-2017| 04:33 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:33 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:33 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:33 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:33 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:33 \nprc.nlp| | 83,748| 21-Nov-2017| 04:33 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:33 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:33 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:33 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:33 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 16-Nov-2017| 03:47 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \nwebengine.dll| 2.0.50727.8762| 437,400| 16-Nov-2017| 03:47 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 16-Nov-2017| 03:47 \npresentationcore.dll| 3.0.6920.8773| 4,222,976| 16-Nov-2017| 03:47 \npresentationfontcache.exe.config| | 161| 16-Nov-2017| 03:47 \nwpfgfx_v0300.dll| 3.0.6920.8773| 1,737,888| 16-Nov-2017| 03:47 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 16-Nov-2017| 03:47 \nsystem.printing.dll| 3.0.6920.8773| 372,736| 16-Nov-2017| 03:47 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 16-Nov-2017| 03:47 \nservicemodel.mof| | 85,113| 16-Nov-2017| 03:47 \nservicemodel.mof.uninstall| | 896| 16-Nov-2017| 03:47 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 13:07 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \npenimc.dll| 3.0.6920.8773| 68,752| 16-Nov-2017| 03:47 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 16-Nov-2017| 03:47 \npresentationhostdll.dll| 3.0.6920.8773| 131,248| 16-Nov-2017| 03:47 \nreachframework.dll| 3.0.6920.8773| 532,480| 16-Nov-2017| 03:47 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 16-Nov-2017| 03:47 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:07 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:07 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:07 \n**For all supported IA64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 21-Nov-2017| 04:32 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:32 \nksc.nlp| | 116,756| 21-Nov-2017| 04:32 \nmscorlib.dll| 2.0.50727.8793| 4,014,080| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:32 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:32 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:32 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:32 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:32 \nprc.nlp| | 83,748| 21-Nov-2017| 04:32 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:32 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:32 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:32 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:32 \naspnet_wp.exe| 2.0.50727.8762| 83,096| 16-Nov-2017| 03:20 \nmscordacwks.dll| 2.0.50727.8793| 3,083,400| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 602,752| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 20,404,864| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 873,592| 24-Jul-2018| 15:10 \nsystem.data.sqlxml.dll| 2.0.50727.8781| 745,472| 31-Dec-2017| 23:56 \nsystem.management.dll| 2.0.50727.8766| 389,120| 16-Nov-2017| 03:20 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 16-Nov-2017| 03:20 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 13:11 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 16-Nov-2017| 03:20 \nsystem.xml.dll| 2.0.50727.8781| 2,056,192| 31-Dec-2017| 23:56 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nwebengine.dll| 2.0.50727.8762| 1,233,560| 16-Nov-2017| 03:20 \nwminet_utils.dll| 2.0.50727.8766| 290,976| 16-Nov-2017| 03:20 \nsystem.data.dll| 2.0.50727.8762| 3,310,592| 16-Nov-2017| 03:20 \nsystem.web.dll| 2.0.50727.8762| 4,816,896| 16-Nov-2017| 03:20 \nservicemodel.mof| | 85,113| 16-Nov-2017| 03:19 \nservicemodel.mof.uninstall| | 896| 16-Nov-2017| 03:19 \nservicemonikersupport.dll| 3.0.4506.8800| 34,480| 11-Jun-2018| 13:06 \nsmdiagnostics.dll| 3.0.4506.8800| 94,208| 11-Jun-2018| 13:06 \nsmsvchost.exe| 3.0.4506.8800| 117,376| 11-Jun-2018| 13:06 \nsystem.identitymodel.dll| 3.0.4506.8800| 405,504| 11-Jun-2018| 13:06 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:06 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 13:06 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:06 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:06 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 13:06 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,060,864| 11-Jun-2018| 13:06 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,519,616| 11-Jun-2018| 13:06 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 454,656| 11-Jun-2018| 13:06 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:25 \nmscorlib.resources.dll| 2.0.50727.4016| 348,160| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 319,488| 21-Mar-2018| 16:25 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:25 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:25 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 13:07 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 13:07 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 28-Apr-2018| 13:08 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:07 \nsystem.management.dll| 2.0.50727.8766| 389,120| 16-Nov-2017| 03:47 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Mar-2018| 16:25 \nsystem.resources.dll| 2.0.50727.4016| 233,472| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:25 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:25 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:25 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 16-Nov-2017| 03:47 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.security.dll| 2.0.50727.8784| 274,432| 28-Mar-2018| 13:11 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 16-Nov-2017| 03:47 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:07 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:07 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:07 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 28-Apr-2018| 13:08 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nbig5.nlp| | 66,728| 21-Nov-2017| 04:33 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:33 \nksc.nlp| | 116,756| 21-Nov-2017| 04:33 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:33 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:33 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:33 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:33 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:33 \nprc.nlp| | 83,748| 21-Nov-2017| 04:33 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:33 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:33 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:33 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:33 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 16-Nov-2017| 03:47 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \nwebengine.dll| 2.0.50727.8762| 437,400| 16-Nov-2017| 03:47 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 16-Nov-2017| 03:47 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 16-Nov-2017| 03:47 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 16-Nov-2017| 03:47 \nservicemodel.mof| | 85,113| 16-Nov-2017| 03:47 \nservicemodel.mof.uninstall| | 896| 16-Nov-2017| 03:47 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 13:07 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 13:07 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 13:07 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 13:07 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 13:07 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 13:07 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 13:07 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344151)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344151", "href": "https://support.microsoft.com/en-us/help/4344151", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:38", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows 7 SP1 and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:[4345590](<https://support.microsoft.com/help/4345590>) Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345590)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345590** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [4340556](<https://support.microsoft.com/help/4340556>) and [4291493](<https://support.microsoft.com/help/4291493>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.1-KB4344152-ia64.msu| 274F953023722D521EDA2E844BB08F0878EA0DEA| 1278FF44B54D58202CAF6D0404E63B283B34F3A002981360224E484D4C3BFED5 \nWindows6.1-KB4344152-x64.msu| A4B728EAF3B80404339F0318E257E435758CB5FB| 64C7C91C7E12FA7E3A174D74670908275530C5EAEDD45A2D23DBFE1B0C912700 \nWindows6.1-KB4344152-x86.msu| A519003F0BE0689BCE0BAD796795C9794309E71F| AE041AB7CBF19608A1096B73C726A1ED7026032EF82F94E2A4ED8916A1CB28B3 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 29-Mar-2017| 13:05 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:05 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 22:12 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 22:12 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 28-Nov-2017| 14:04 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 22:12 \nsystem.management.dll| 2.0.50727.8766| 389,120| 11-Jul-2017| 20:05 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:04 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.security.dll| 2.0.50727.8784| 274,432| 27-Mar-2018| 13:05 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 07-Apr-2017| 13:05 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 22:12 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 28-Nov-2017| 14:04 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 29-Mar-2017| 13:05 \nbig5.nlp| | 66,728| 16-Jun-2018| 05:11 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:11 \nksc.nlp| | 116,756| 16-Jun-2018| 05:11 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:12 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:12 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:12 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:12 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:12 \nprc.nlp| | 83,748| 16-Jun-2018| 05:12 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:12 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:12 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:12 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:13 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 07-Apr-2017| 13:05 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 16:53 \nwebengine.dll| 2.0.50727.8762| 437,400| 07-Apr-2017| 13:05 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 11-Jul-2017| 20:05 \npresentationcore.dll| 3.0.6920.8773| 4,222,976| 29-Mar-2017| 13:05 \npresentationfontcache.exe.config| | 161| 23-Mar-2016| 22:38 \nwpfgfx_v0300.dll| 3.0.6920.8773| 1,737,888| 29-Mar-2017| 13:05 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 06-Apr-2017| 13:05 \nsystem.printing.dll| 3.0.6920.8773| 372,736| 29-Mar-2017| 13:05 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 07-Apr-2017| 13:05 \nservicemodel.mof| | 85,113| 22-Jan-2018| 19:10 \nservicemodel.mof.uninstall| | 896| 22-Jan-2018| 19:10 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 22:12 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \npenimc.dll| 3.0.6920.8773| 68,752| 29-Mar-2017| 13:05 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 29-Mar-2017| 13:05 \npresentationhostdll.dll| 3.0.6920.8773| 131,248| 29-Mar-2017| 13:05 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:05 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 29-Mar-2017| 13:05 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 22:12 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 16-Jun-2018| 05:09 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:09 \nksc.nlp| | 116,756| 16-Jun-2018| 05:09 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:10 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:10 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:10 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:10 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:10 \nprc.nlp| | 83,748| 16-Jun-2018| 05:10 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:10 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:10 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:10 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:10 \naspnet_wp.exe| 2.0.50727.8762| 43,160| 07-Apr-2017| 13:05 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 16:53 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 28-Nov-2017| 14:05 \nsystem.management.dll| 2.0.50727.8766| 389,120| 11-Jul-2017| 20:05 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:04 \nsystem.security.dll| 2.0.50727.8784| 274,432| 27-Mar-2018| 13:05 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 07-Apr-2017| 13:05 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 28-Nov-2017| 14:05 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nwebengine.dll| 2.0.50727.8762| 746,648| 07-Apr-2017| 13:05 \nwminet_utils.dll| 2.0.50727.8766| 140,960| 11-Jul-2017| 20:05 \npresentationcore.dll| 3.0.6920.8773| 4,006,400| 29-Mar-2017| 13:05 \npresentationfontcache.exe.config| | 161| 23-Mar-2016| 22:39 \nwpfgfx_v0300.dll| 3.0.6920.8773| 2,256,032| 29-Mar-2017| 13:05 \nsystem.data.dll| 2.0.50727.8762| 3,150,336| 06-Apr-2017| 13:05 \nsystem.printing.dll| 3.0.6920.8773| 358,400| 29-Mar-2017| 13:05 \nsystem.web.dll| 2.0.50727.8762| 5,296,128| 07-Apr-2017| 13:05 \nservicemodel.mof| | 85,113| 22-Jan-2018| 19:10 \nservicemodel.mof.uninstall| | 896| 22-Jan-2018| 19:10 \nservicemonikersupport.dll| 3.0.4506.8800| 20,144| 11-Jun-2018| 22:12 \nsmdiagnostics.dll| 3.0.4506.8800| 94,208| 11-Jun-2018| 22:12 \nsmsvchost.exe| 3.0.4506.8800| 117,376| 11-Jun-2018| 22:12 \nsystem.identitymodel.dll| 3.0.4506.8800| 405,504| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 22:12 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 22:12 \npenimc.dll| 3.0.6920.8773| 85,648| 29-Mar-2017| 13:05 \npresentationframework.dll| 3.0.6920.8773| 4,640,768| 29-Mar-2017| 13:05 \npresentationhostdll.dll| 3.0.6920.8773| 172,208| 29-Mar-2017| 13:05 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:05 \nwindowsbase.dll| 3.0.6920.8773| 1,118,208| 29-Mar-2017| 13:05 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,060,864| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,519,616| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 454,656| 11-Jun-2018| 22:12 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 29-Mar-2017| 13:05 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:05 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 22:12 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 22:12 \nsystem.data.sqlxml.dll| 2.0.50727.8773| 745,472| 28-Nov-2017| 14:04 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 22:12 \nsystem.management.dll| 2.0.50727.8766| 389,120| 11-Jul-2017| 20:05 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:04 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.security.dll| 2.0.50727.8784| 274,432| 27-Mar-2018| 13:05 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 07-Apr-2017| 13:05 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 22:12 \nsystem.xml.dll| 2.0.50727.8773| 2,056,192| 28-Nov-2017| 14:04 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 29-Mar-2017| 13:05 \nbig5.nlp| | 66,728| 16-Jun-2018| 05:11 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:11 \nksc.nlp| | 116,756| 16-Jun-2018| 05:11 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:12 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:12 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:12 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:12 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:12 \nprc.nlp| | 83,748| 16-Jun-2018| 05:12 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:12 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:12 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:12 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:13 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 07-Apr-2017| 13:05 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 16:53 \nwebengine.dll| 2.0.50727.8762| 437,400| 07-Apr-2017| 13:05 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 11-Jul-2017| 20:05 \npresentationcore.dll| 3.0.6920.8773| 4,222,976| 29-Mar-2017| 13:05 \npresentationfontcache.exe.config| | 161| 23-Mar-2016| 22:38 \nwpfgfx_v0300.dll| 3.0.6920.8773| 1,737,888| 29-Mar-2017| 13:05 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 06-Apr-2017| 13:05 \nsystem.printing.dll| 3.0.6920.8773| 372,736| 29-Mar-2017| 13:05 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 07-Apr-2017| 13:05 \nservicemodel.mof| | 85,113| 22-Jan-2018| 19:10 \nservicemodel.mof.uninstall| | 896| 22-Jan-2018| 19:10 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 22:12 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \npenimc.dll| 3.0.6920.8773| 68,752| 29-Mar-2017| 13:05 \npresentationframework.dll| 3.0.6920.8773| 5,283,840| 29-Mar-2017| 13:05 \npresentationhostdll.dll| 3.0.6920.8773| 131,248| 29-Mar-2017| 13:05 \nreachframework.dll| 3.0.6920.8773| 532,480| 29-Mar-2017| 13:05 \nwindowsbase.dll| 3.0.6920.8773| 1,257,472| 29-Mar-2017| 13:05 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 22:12 \n**For all supported IA64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 16-Jun-2018| 05:14 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:14 \nksc.nlp| | 116,756| 16-Jun-2018| 05:14 \nmscorlib.dll| 2.0.50727.8793| 4,014,080| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:14 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:14 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:14 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:14 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:14 \nprc.nlp| | 83,748| 16-Jun-2018| 05:14 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:14 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:14 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:14 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:15 \naspnet_wp.exe| 2.0.50727.8762| 83,096| 07-Apr-2017| 13:05 \nmscordacwks.dll| 2.0.50727.8793| 3,083,400| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 602,752| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 20,404,864| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 873,592| 24-Jul-2018| 16:53 \nsystem.data.sqlxml.dll| 2.0.50727.8781| 745,472| 31-Dec-2017| 23:52 \nsystem.management.dll| 2.0.50727.8766| 389,120| 11-Jul-2017| 20:05 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:04 \nsystem.security.dll| 2.0.50727.8784| 274,432| 27-Mar-2018| 13:05 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 07-Apr-2017| 13:05 \nsystem.xml.dll| 2.0.50727.8781| 2,056,192| 31-Dec-2017| 23:52 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nwebengine.dll| 2.0.50727.8762| 1,233,560| 07-Apr-2017| 13:05 \nwminet_utils.dll| 2.0.50727.8766| 290,976| 11-Jul-2017| 20:05 \nsystem.data.dll| 2.0.50727.8762| 3,310,592| 06-Apr-2017| 13:05 \nsystem.web.dll| 2.0.50727.8762| 4,816,896| 07-Apr-2017| 13:05 \nservicemodel.mof| | 85,113| 04-May-2018| 22:04 \nservicemodel.mof.uninstall| | 896| 04-May-2018| 22:04 \nservicemonikersupport.dll| 3.0.4506.8800| 34,480| 11-Jun-2018| 22:12 \nsmdiagnostics.dll| 3.0.4506.8800| 94,208| 11-Jun-2018| 22:12 \nsmsvchost.exe| 3.0.4506.8800| 117,376| 11-Jun-2018| 22:12 \nsystem.identitymodel.dll| 3.0.4506.8800| 405,504| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 847,872| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 22:12 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,332,992| 11-Jun-2018| 22:12 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,060,864| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,519,616| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 454,656| 11-Jun-2018| 22:12 \nsmdiagnostics.dll| 3.0.4506.8800| 110,592| 11-Jun-2018| 22:12 \nsmsvchost.exe| 3.0.4506.8800| 129,664| 11-Jun-2018| 22:12 \nsystem.data.sqlxml.dll| 2.0.50727.8781| 745,472| 31-Dec-2017| 23:51 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 22:12 \nsystem.management.dll| 2.0.50727.8766| 389,120| 11-Jul-2017| 20:05 \nsystem.runtime.remoting.dll| 2.0.50727.8771| 307,200| 31-Aug-2017| 13:04 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.security.dll| 2.0.50727.8784| 274,432| 27-Mar-2018| 13:05 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \nsystem.servicemodel.washosting.dll| 3.0.4506.8800| 32,768| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \nsystem.web.regularexpressions.dll| 2.0.50727.8762| 98,304| 07-Apr-2017| 13:05 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 22:12 \nsystem.xml.dll| 2.0.50727.8781| 2,056,192| 31-Dec-2017| 23:51 \nsystem.dll| 2.0.50727.8791| 3,207,168| 13-Jul-2018| 16:20 \nbig5.nlp| | 66,728| 16-Jun-2018| 05:11 \nbopomofo.nlp| | 82,172| 16-Jun-2018| 05:11 \nksc.nlp| | 116,756| 16-Jun-2018| 05:11 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 16:53 \nnormidna.nlp| | 59,342| 16-Jun-2018| 05:12 \nnormnfc.nlp| | 45,794| 16-Jun-2018| 05:12 \nnormnfd.nlp| | 39,284| 16-Jun-2018| 05:12 \nnormnfkc.nlp| | 66,384| 16-Jun-2018| 05:12 \nnormnfkd.nlp| | 60,294| 16-Jun-2018| 05:12 \nprc.nlp| | 83,748| 16-Jun-2018| 05:12 \nprcp.nlp| | 83,748| 16-Jun-2018| 05:12 \nsortkey.nlp| | 262,148| 16-Jun-2018| 05:12 \nsorttbls.nlp| | 20,320| 16-Jun-2018| 05:12 \nxjis.nlp| | 28,288| 16-Jun-2018| 05:13 \naspnet_wp.exe| 2.0.50727.8762| 31,384| 07-Apr-2017| 13:05 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 16:53 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 16:53 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 16:53 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 16:53 \nwebengine.dll| 2.0.50727.8762| 437,400| 07-Apr-2017| 13:05 \nwminet_utils.dll| 2.0.50727.8766| 116,896| 11-Jul-2017| 20:05 \nsystem.data.dll| 2.0.50727.8762| 2,975,744| 06-Apr-2017| 13:05 \nsystem.web.dll| 2.0.50727.8762| 5,287,936| 07-Apr-2017| 13:05 \nservicemodel.mof| | 85,113| 22-Jan-2018| 19:10 \nservicemodel.mof.uninstall| | 896| 22-Jan-2018| 19:10 \nservicemonikersupport.dll| 3.0.4506.8800| 18,096| 11-Jun-2018| 22:12 \nsystem.identitymodel.dll| 3.0.4506.8800| 446,464| 11-Jun-2018| 22:12 \nsystem.runtime.serialization.dll| 3.0.4506.8800| 970,752| 11-Jun-2018| 22:12 \nsystem.servicemodel.dll| 3.0.4506.8800| 5,992,448| 11-Jun-2018| 22:12 \nsystem.workflow.activities.dll| 3.0.4203.8800| 1,142,784| 11-Jun-2018| 22:12 \nsystem.workflow.componentmodel.dll| 3.0.4203.8800| 1,630,208| 11-Jun-2018| 22:12 \nsystem.workflow.runtime.dll| 3.0.4203.8800| 540,672| 11-Jun-2018| 22:12 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4344152)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344152", "href": "https://support.microsoft.com/en-us/help/4344152", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:48", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2008, see the following article in the Microsoft Knowledge Base:[4345682](<https://support.microsoft.com/help/4345682>) Security Only updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4345682)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345682>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345682** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces update [3142023](<https://support.microsoft.com/help/3142023>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows6.0-KB4344176-ia64.msu| BC1159BC6CF9011EACE2CE7B98190513CC2158B7| 77C6C3A8DEC0652A9525F3AA5C473B22B1C7C2D69C6AA33003F86C501E908BB2 \nWindows6.0-KB4344176-x64.msu| BAFC7AF010D7FF7076B49D514A6D7F8335AE4BB3| FEA19B105364A284BA12E9C44085F47D47F965059D508BE461FB32DA3F0AA21F \nWindows6.0-KB4344176-x86.msu| 9DEB7A612BE3E1F882B6BDAAFBFA0FA2052A37E8| 9FE1496C0846DDA8B9B39A2A1C9D469EB5630D70C548FA337639D2CEB0DE97C2 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.resources.dll| 2.0.50727.4016| 352,256| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 425,984| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 331,776| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 348,160| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 319,488| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 290,816| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 397,312| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 241,664| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 294,912| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 221,184| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 233,472| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 196,608| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 266,240| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nbig5.nlp| | 66,728| 21-Nov-2017| 04:33 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:33 \nksc.nlp| | 116,756| 21-Nov-2017| 04:33 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:33 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:33 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:33 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:33 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:33 \nprc.nlp| | 83,748| 21-Nov-2017| 04:33 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:33 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:33 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:33 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:33 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 21-Nov-2017| 04:32 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:32 \nksc.nlp| | 116,756| 21-Nov-2017| 04:32 \nmscorlib.dll| 2.0.50727.8793| 4,571,136| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:32 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:32 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:32 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:32 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:32 \nprc.nlp| | 83,748| 21-Nov-2017| 04:32 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:32 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:32 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:32 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:32 \nmscordacwks.dll| 2.0.50727.8793| 1,758,784| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 495,232| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 10,008,632| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 486,008| 24-Jul-2018| 15:10 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nmscorlib.resources.dll| 2.0.50727.4016| 352,256| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 425,984| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 331,776| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 348,160| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 319,488| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 290,816| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 303,104| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 307,200| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 397,312| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 299,008| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 241,664| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 294,912| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 221,184| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 204,800| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 233,472| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 196,608| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 208,896| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 266,240| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 200,704| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:26 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nbig5.nlp| | 66,728| 21-Nov-2017| 04:33 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:33 \nksc.nlp| | 116,756| 21-Nov-2017| 04:33 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:33 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:33 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:33 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:33 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:33 \nprc.nlp| | 83,748| 21-Nov-2017| 04:33 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:33 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:33 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:33 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:33 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \n**For all supported IA64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nbig5.nlp| | 66,728| 21-Nov-2017| 04:32 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:32 \nksc.nlp| | 116,756| 21-Nov-2017| 04:32 \nmscorlib.dll| 2.0.50727.8793| 4,014,080| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:32 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:32 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:32 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:32 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:32 \nprc.nlp| | 83,748| 21-Nov-2017| 04:32 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:32 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:32 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:32 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:32 \nmscordacwks.dll| 2.0.50727.8793| 3,083,400| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 602,752| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 20,404,864| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 873,592| 24-Jul-2018| 15:10 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nmscorlib.resources.dll| 2.0.50727.4016| 315,392| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 311,296| 21-Mar-2018| 16:25 \nmscorlib.resources.dll| 2.0.50727.4016| 348,160| 21-Nov-2017| 04:32 \nmscorlib.resources.dll| 2.0.50727.4016| 319,488| 21-Mar-2018| 16:25 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:25 \nmscorlib.resources.dll| 2.0.50727.4016| 278,528| 21-Mar-2018| 16:25 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 212,992| 21-Mar-2018| 16:25 \nsystem.resources.dll| 2.0.50727.4016| 233,472| 21-Nov-2017| 04:32 \nsystem.resources.dll| 2.0.50727.4016| 217,088| 21-Mar-2018| 16:25 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:25 \nsystem.resources.dll| 2.0.50727.4016| 184,320| 21-Mar-2018| 16:25 \nsystem.dll| 2.0.50727.8791| 3,207,168| 12-Jul-2018| 00:35 \nbig5.nlp| | 66,728| 21-Nov-2017| 04:33 \nbopomofo.nlp| | 82,172| 21-Nov-2017| 04:33 \nksc.nlp| | 116,756| 21-Nov-2017| 04:33 \nmscorlib.dll| 2.0.50727.8793| 4,554,752| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 04:33 \nnormnfc.nlp| | 45,794| 21-Nov-2017| 04:33 \nnormnfd.nlp| | 39,284| 21-Nov-2017| 04:33 \nnormnfkc.nlp| | 66,384| 21-Nov-2017| 04:33 \nnormnfkd.nlp| | 60,294| 21-Nov-2017| 04:33 \nprc.nlp| | 83,748| 21-Nov-2017| 04:33 \nprcp.nlp| | 83,748| 21-Nov-2017| 04:33 \nsortkey.nlp| | 262,148| 21-Nov-2017| 04:33 \nsorttbls.nlp| | 20,320| 21-Nov-2017| 04:33 \nxjis.nlp| | 28,288| 21-Nov-2017| 04:33 \nmscordacwks.dll| 2.0.50727.8793| 991,808| 24-Jul-2018| 15:10 \nmscorsvc.dll| 2.0.50727.8793| 231,992| 24-Jul-2018| 15:10 \nmscorwks.dll| 2.0.50727.8793| 5,948,472| 24-Jul-2018| 15:10 \nsos.dll| 2.0.50727.8793| 391,216| 24-Jul-2018| 15:10 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344176)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344176", "href": "https://support.microsoft.com/en-us/help/4344176", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T22:44:40", "description": "<html><body><p>Resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments.</p><h2>Summary</h2><div class=\"kb-summary-section section\"><p>This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.</p><p>To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.</p><p>This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.</p>To learn more about this vulnerability, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360\" id=\"kb-link-2\" target=\"\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8360</a>.</div><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see </span></span></span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/4019990\" target=\"_blank\">KB 4019990</a><span><span><span>.</span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344177\" managed-link=\"\" target=\"_blank\">4344177</a> Description of the Security Only update for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4344177)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344173\" managed-link=\"\" target=\"_blank\">4344173</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB 4344173)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4344167\" managed-link=\"\" target=\"_blank\">4344167</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4344167)</li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T17:07:58", "type": "mskb", "title": "Security Only updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4345679)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T17:07:58", "id": "KB4345679", "href": "https://support.microsoft.com/en-us/help/4345679/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:45", "description": "None\n## Summary\n\nThis security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2012, see the following article in the Microsoft Knowledge Base:[4345680](<https://support.microsoft.com/help/4345680>) Security Only updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4345680)\n\n## How to obtain and install the update\n\n### Method 1: Microsoft Update Catalog\n\nTo get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4345680>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345680** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces update [4020506](<https://support.microsoft.com/help/4020506>).\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8-RT-KB4344172-x64.msu| 7831936B31A5FDC51CF249CCD8CC8CB6E9BC4E85| D05448BF7DED0E1516B858D6C3BA1AE62777594BB81D70AE68AA5CA482CDC32B \nWindows8-RT-KB4344172-x86.msu| E1E87503CA3A9045DC7D86EC100DDE4E373F8018| AC44B7BB9C2FD7F5F4D0FA86C70E5A9B762D4C7D228ED339328C1B409A133B75 \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nsystem.dll| 4.0.30319.36455| 3,488,792| 13-Jul-2018| 02:54 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 47,076| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 40,566| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 67,808| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 61,718| 21-Nov-2017| 07:23 \nclrjit.dll| 4.0.30319.36460| 510,464| 24-Jul-2018| 15:10 \nclr.dll| 4.0.30319.36460| 6,939,640| 24-Jul-2018| 15:10 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 24-Jul-2018| 15:10 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 24-Jul-2018| 15:10 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 24-Jul-2018| 15:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 24-Jul-2018| 15:10 \npeverify.dll| 4.0.30319.36460| 163,968| 24-Jul-2018| 15:10 \nsos.dll| 4.0.30319.36460| 762,472| 24-Jul-2018| 15:10 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.0.30319.36460| 5,219,968| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 47,076| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 40,566| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 67,808| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 61,718| 21-Nov-2017| 07:23 \nclrjit.dll| 4.0.30319.36460| 1,234,552| 24-Jul-2018| 15:10 \nclr.dll| 4.0.30319.36460| 10,070,120| 24-Jul-2018| 15:10 \nmscordacwks.dll| 4.0.30319.36460| 1,731,208| 24-Jul-2018| 15:10 \nmscordbi.dll| 4.0.30319.36460| 1,533,568| 24-Jul-2018| 15:10 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 678,584| 24-Jul-2018| 15:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 869,536| 24-Jul-2018| 15:10 \npeverify.dll| 4.0.30319.36460| 225,920| 24-Jul-2018| 15:10 \nsos.dll| 4.0.30319.36460| 822,888| 24-Jul-2018| 15:10 \nsystem.dll| 4.0.30319.36455| 3,488,792| 13-Jul-2018| 02:55 \nsystem.dll| 4.0.30319.36455| 3,488,792| 13-Jul-2018| 02:54 \nmscorlib.dll| 4.0.30319.36460| 5,266,072| 24-Jul-2018| 15:10 \nnormidna.nlp| | 59,342| 21-Nov-2017| 07:23 \nnormnfc.nlp| | 47,076| 21-Nov-2017| 07:23 \nnormnfd.nlp| | 40,566| 21-Nov-2017| 07:23 \nnormnfkc.nlp| | 67,808| 21-Nov-2017| 07:23 \nnormnfkd.nlp| | 61,718| 21-Nov-2017| 07:23 \nclrjit.dll| 4.0.30319.36460| 510,464| 24-Jul-2018| 15:10 \nclr.dll| 4.0.30319.36460| 6,939,640| 24-Jul-2018| 15:10 \nmscordacwks.dll| 4.0.30319.36460| 1,284,232| 24-Jul-2018| 15:10 \nmscordbi.dll| 4.0.30319.36460| 1,107,576| 24-Jul-2018| 15:10 \nmsvcp120_clr0400.dll| 12.0.52460.36460| 536,736| 24-Jul-2018| 15:10 \nmsvcr120_clr0400.dll| 12.0.52460.36460| 875,672| 24-Jul-2018| 15:10 \npeverify.dll| 4.0.30319.36460| 163,968| 24-Jul-2018| 15:10 \nsos.dll| 4.0.30319.36460| 762,472| 24-Jul-2018| 15:10 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security Only update for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344172)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344172", "href": "https://support.microsoft.com/en-us/help/4344172", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-31T15:04:29", "description": "None\n## Summary\n\nThis update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections in which content from one stream can blend into another stream.To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.This security update addresses the vulnerability by correcting the way that .NET Framework handles high-load/high-density network connections.To learn more about this vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).**Important**\n\n * All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see [KB 4019990](<https://support.microsoft.com/en-us/help/4019990>).\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>).\n\n## Additional information about this security update\n\nFor more information about this security update as it relates to Windows Server 2012, see the following article in the Microsoft Knowledge Base:[4345591](<https://support.microsoft.com/help/4345591>) Security and Quality Rollup updates for .NET Framework 3.5 SP1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4345591)\n\n## How to obtain and install the update\n\n### Method 1: Windows Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>). \n\n\n### Method 2: Windows Software Update Services (WSUS)\n\nOn your WSUS server, follow these steps:\n\n 1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.\n 2. Expand **ComputerName**, and then click **Action**.\n 3. Click **Import Updates**.\n 4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.\n 5. After the ActiveX control is installed, you see the **Microsoft Update Catalog** screen. Type **4345591** in the **Search** box, and then click **Search**.\n 6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click **Add** to add them to your basket.\n 7. After you select all the packages that you require, click **View Basket**.\n 8. To import the packages to your WSUS server, click **Import**.\n 9. After the packages are imported, click **Close** to return to WSUS.\nThe updates are now available for installation through WSUS.\n\n### Update deployment information\n\nFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:[20180814](<https://support.microsoft.com/help/20180814>) Security update deployment information: August 14, 2018\n\n### Update removal information\n\n**Note** We do not recommend that you remove any security update. To remove this update, use the **Programs and Features** item in Control Panel.\n\n### Update restart information\n\nThis update does not require a system restart after you apply it unless files that are being updated are locked or are being used.\n\n### Update replacement information\n\nThis update replaces previously released updates [4340557](<https://support.microsoft.com/help/4340557>) and [4291495.](<https://support.microsoft.com/help/4291495>)\n\n## File information\n\n## File hash \n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8-RT-KB4344144-x64.msu| 27D8B0530661DF18D8BA990A4BC29534806D4C91| 52DE596AAAD029D9CB4EE92203CFE73B26C9871EFEC2B29B2A57C455D8EFE0BB \nWindows8-RT-KB4344144-x86.msu| C38A636706ED5E0C05801D2CC27430D064DD7786| 93F2F8BECAF8122ED2DE89764AC0FA8E8A69697E1BF91DA3306F354A0F180F7F \n \n\n\n## File attributes \n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.**For all supported x86-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \npresentationframework.dll| 4.7.2672.0| 6,210,896| 19-Jul-2018| 22:47 \nsmdiagnostics.dll| 4.7.3130.0| 73,808| 06-Jun-2018| 06:16 \nsystem.activities.dll| 4.7.3130.0| 1,532,544| 06-Jun-2018| 06:16 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.data.sqlxml.dll| 4.7.2612.0| 734,400| 22-Nov-2017| 20:59 \nsystem.deployment.dll| 4.6.1099.0| 846,016| 27-Mar-2017| 03:33 \nsystem.directoryservices.accountmanagement.dll| 4.7.2623.0| 296,216| 30-Nov-2017| 04:16 \nsystem.directoryservices.protocols.dll| 4.6.1099.0| 200,488| 27-Mar-2017| 03:33 \nsystem.drawing.dll| 4.6.1099.0| 594,616| 27-Mar-2017| 03:33 \nsystem.identitymodel.services.dll| 4.7.3130.0| 198,376| 06-Jun-2018| 06:16 \nsystem.identitymodel.dll| 4.7.3130.0| 1,090,176| 06-Jun-2018| 06:16 \nsystem.management.dll| 4.7.2102.0| 415,432| 06-Jun-2017| 23:17 \nsystem.net.http.dll| 4.7.2634.0| 203,352| 02-Feb-2018| 21:11 \nsystem.runtime.caching.dll| 4.6.1649.1| 108,920| 21-Apr-2017| 05:35 \nsystem.runtime.remoting.dll| 4.7.2114.0| 347,368| 30-Aug-2017| 06:04 \nsystem.runtime.serialization.dll| 4.7.3130.0| 1,056,456| 06-Jun-2018| 06:16 \nsystem.security.dll| 4.7.2650.0| 324,696| 21-Mar-2018| 04:49 \nsystem.servicemodel.channels.dll| 4.7.3130.0| 157,928| 06-Jun-2018| 06:16 \nsystem.servicemodel.discovery.dll| 4.7.3130.0| 308,456| 06-Jun-2018| 06:16 \nsystem.servicemodel.internals.dll| 4.7.3130.0| 260,808| 06-Jun-2018| 06:16 \nsystem.servicemodel.routing.dll| 4.6.1099.0| 130,288| 27-Mar-2017| 03:33 \nsystem.servicemodel.washosting.dll| 4.7.3130.0| 39,656| 06-Jun-2018| 06:16 \nsystem.servicemodel.dll| 4.7.3130.0| 6,321,784| 06-Jun-2018| 06:16 \nsystem.web.applicationservices.dll| 4.7.2623.0| 70,912| 30-Nov-2017| 04:16 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nsystem.windows.controls.ribbon.dll| 4.7.2672.0| 742,608| 19-Jul-2018| 22:47 \nsystem.windows.forms.dll| 4.7.2114.0| 5,181,656| 30-Aug-2017| 06:04 \nsystem.workflow.activities.dll| 4.7.3130.0| 1,051,360| 06-Jun-2018| 06:16 \nsystem.workflow.componentmodel.dll| 4.7.3130.0| 1,542,384| 06-Jun-2018| 06:16 \nsystem.workflow.runtime.dll| 4.7.3130.0| 498,896| 06-Jun-2018| 06:16 \nsystem.xaml.dll| 4.7.2672.0| 643,560| 19-Jul-2018| 22:47 \nsystem.xml.dll| 4.7.2612.0| 2,670,224| 22-Nov-2017| 20:59 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nuiautomationclientsideproviders.dll| 4.7.2672.0| 361,336| 19-Jul-2018| 22:47 \nuiautomationclient.dll| 4.7.2672.0| 177,984| 19-Jul-2018| 22:47 \nuiautomationprovider.dll| 4.7.2672.0| 48,968| 19-Jul-2018| 22:47 \nuiautomationtypes.dll| 4.7.2672.0| 220,992| 19-Jul-2018| 22:47 \nwindowsbase.dll| 4.7.2672.0| 1,289,512| 19-Jul-2018| 22:47 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \naspnet_perf.dll| 4.7.2623.0| 42,648| 30-Nov-2017| 04:16 \naspnet_state_perf.h| | 318| 30-Nov-2017| 02:23 \naspnet_state_perf.ini| | 42,996| 30-Nov-2017| 04:18 \naspnet_wp.exe| 4.7.2623.0| 46,176| 30-Nov-2017| 04:16 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \ndfdll.dll| 4.6.1099.0| 154,768| 27-Mar-2017| 03:33 \nglobalmonospace.compositefont| | 26,040| 17-May-2018| 04:37 \nglobalsansserif.compositefont| | 26,489| 17-May-2018| 04:37 \nglobalserif.compositefont| | 29,779| 17-May-2018| 04:37 \nglobaluserinterface.compositefont| | 186,009| 19-Jul-2018| 19:11 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmscoreei.dll| 4.6.1099.0| 497,824| 27-Mar-2017| 03:33 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npenimc.dll| 14.7.2634.0| 19,096| 02-Feb-2018| 21:11 \npenimc2_v0400.dll| 4.7.2672.0| 86,160| 19-Jul-2018| 22:47 \npenimc_v0400.dll| 4.7.2634.0| 24,728| 02-Feb-2018| 21:11 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \npresentationhost_v0400.dll.mui| 4.7.2672.0| 84,704| 19-Jul-2018| 22:47 \npresentationhost_v0400.dll| 4.7.2672.0| 214,200| 19-Jul-2018| 22:47 \npresentationnative_v0400.dll| 4.7.2672.0| 827,096| 19-Jul-2018| 22:47 \nservicemodel.mof| | 88,383| 11-May-2018| 01:26 \nservicemodel.mof.uninstall| | 896| 11-May-2018| 01:26 \nservicemonikersupport.dll| 4.7.3130.0| 29,384| 06-Jun-2018| 06:16 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nwebengine4.dll| 4.7.2623.0| 550,032| 30-Nov-2017| 04:16 \nwebengine.dll| 4.7.2623.0| 24,712| 30-Nov-2017| 04:16 \nwminet_utils.dll| 4.7.2102.0| 136,368| 06-Jun-2017| 23:17 \nworkflowservicehostperformancecounters.dll| 4.7.3130.0| 89,384| 06-Jun-2018| 06:16 \nwpfgfx_v0400.dll| 4.7.2672.0| 1,345,160| 19-Jul-2018| 22:47 \npresentationcore.dll| 4.7.2672.0| 3,635,024| 19-Jul-2018| 22:47 \nsystem.data.dll| 4.7.2623.0| 3,397,272| 30-Nov-2017| 04:16 \nsystem.transactions.dll| 4.6.1099.0| 303,824| 27-Mar-2017| 03:33 \nsystem.web.dll| 4.7.2623.0| 5,409,936| 30-Nov-2017| 04:16 \n**For all supported x64-based systems**File name| File version| File size| Date| Time \n---|---|---|---|--- \nmscorlib.dll| 4.7.3133.0| 5,420,992| 25-Jul-2018| 02:09 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \naspnet_perf.dll| 4.7.2623.0| 46,232| 30-Nov-2017| 04:12 \naspnet_state_perf.h| | 318| 30-Nov-2017| 02:05 \naspnet_state_perf.ini| | 42,996| 30-Nov-2017| 04:12 \naspnet_wp.exe| 4.7.2623.0| 50,784| 30-Nov-2017| 04:12 \nclrjit.dll| 4.7.3133.0| 1,227,192| 25-Jul-2018| 02:09 \nclr.dll| 4.7.3133.0| 10,378,664| 25-Jul-2018| 02:09 \ncompatjit.dll| 4.7.3133.0| 1,262,528| 25-Jul-2018| 02:09 \ndfdll.dll| 4.6.1099.0| 181,400| 27-Mar-2017| 03:29 \nglobalmonospace.compositefont| | 26,040| 17-May-2018| 04:37 \nglobalsansserif.compositefont| | 26,489| 17-May-2018| 04:37 \nglobalserif.compositefont| | 29,779| 17-May-2018| 04:37 \nglobaluserinterface.compositefont| | 186,009| 19-Jul-2018| 19:11 \nmscordacwks.dll| 4.7.3133.0| 1,843,656| 25-Jul-2018| 02:09 \nmscordbi.dll| 4.7.3133.0| 1,625,024| 25-Jul-2018| 02:09 \nmscoreei.dll| 4.6.1099.0| 617,632| 27-Mar-2017| 03:29 \nmsvcp120_clr0400.dll| 12.0.52519.0| 690,008| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 993,632| 11-May-2018| 01:43 \npenimc.dll| 14.7.2634.0| 19,096| 02-Feb-2018| 21:04 \npenimc2_v0400.dll| 4.7.2672.0| 107,472| 19-Jul-2018| 22:39 \npenimc_v0400.dll| 4.7.2634.0| 25,760| 02-Feb-2018| 21:04 \npeverify.dll| 4.7.3133.0| 263,104| 25-Jul-2018| 02:09 \npresentationframework.dll| 4.7.2672.0| 6,210,896| 19-Jul-2018| 22:47 \npresentationhost_v0400.dll.mui| 4.7.2672.0| 87,560| 19-Jul-2018| 22:39 \npresentationhost_v0400.dll| 4.7.2672.0| 280,568| 19-Jul-2018| 22:39 \npresentationnative_v0400.dll| 4.7.2672.0| 1,112,576| 19-Jul-2018| 22:39 \nservicemodel.mof| | 88,383| 21-Feb-2018| 03:54 \nservicemodel.mof.uninstall| | 896| 21-Feb-2018| 03:54 \nservicemonikersupport.dll| 4.7.3130.0| 31,456| 06-Jun-2018| 06:09 \nsmdiagnostics.dll| 4.7.3130.0| 73,808| 06-Jun-2018| 06:16 \nsos.dll| 4.7.3133.0| 874,920| 25-Jul-2018| 02:09 \nsystem.activities.dll| 4.7.3130.0| 1,532,544| 06-Jun-2018| 06:16 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.data.sqlxml.dll| 4.7.2612.0| 734,400| 22-Nov-2017| 20:59 \nsystem.deployment.dll| 4.6.1099.0| 846,016| 27-Mar-2017| 03:33 \nsystem.directoryservices.accountmanagement.dll| 4.7.2623.0| 296,216| 30-Nov-2017| 04:16 \nsystem.directoryservices.protocols.dll| 4.6.1099.0| 200,488| 27-Mar-2017| 03:33 \nsystem.drawing.dll| 4.6.1099.0| 594,616| 27-Mar-2017| 03:33 \nsystem.identitymodel.services.dll| 4.7.3130.0| 198,376| 06-Jun-2018| 06:16 \nsystem.identitymodel.dll| 4.7.3130.0| 1,090,176| 06-Jun-2018| 06:16 \nsystem.management.dll| 4.7.2102.0| 415,432| 06-Jun-2017| 23:17 \nsystem.net.http.dll| 4.7.2634.0| 203,352| 02-Feb-2018| 21:11 \nsystem.runtime.caching.dll| 4.6.1649.1| 108,920| 21-Apr-2017| 05:35 \nsystem.runtime.remoting.dll| 4.7.2114.0| 347,368| 30-Aug-2017| 06:04 \nsystem.runtime.serialization.dll| 4.7.3130.0| 1,056,456| 06-Jun-2018| 06:16 \nsystem.security.dll| 4.7.2650.0| 324,696| 21-Mar-2018| 04:49 \nsystem.servicemodel.channels.dll| 4.7.3130.0| 157,928| 06-Jun-2018| 06:16 \nsystem.servicemodel.discovery.dll| 4.7.3130.0| 308,456| 06-Jun-2018| 06:16 \nsystem.servicemodel.internals.dll| 4.7.3130.0| 260,808| 06-Jun-2018| 06:16 \nsystem.servicemodel.routing.dll| 4.6.1099.0| 130,288| 27-Mar-2017| 03:33 \nsystem.servicemodel.washosting.dll| 4.7.3130.0| 39,656| 06-Jun-2018| 06:16 \nsystem.servicemodel.dll| 4.7.3130.0| 6,321,784| 06-Jun-2018| 06:16 \nsystem.web.applicationservices.dll| 4.7.2623.0| 70,912| 30-Nov-2017| 04:16 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nsystem.windows.controls.ribbon.dll| 4.7.2672.0| 742,608| 19-Jul-2018| 22:47 \nsystem.windows.forms.dll| 4.7.2114.0| 5,181,656| 30-Aug-2017| 06:04 \nsystem.workflow.activities.dll| 4.7.3130.0| 1,051,360| 06-Jun-2018| 06:16 \nsystem.workflow.componentmodel.dll| 4.7.3130.0| 1,542,384| 06-Jun-2018| 06:16 \nsystem.workflow.runtime.dll| 4.7.3130.0| 498,896| 06-Jun-2018| 06:16 \nsystem.xaml.dll| 4.7.2672.0| 643,560| 19-Jul-2018| 22:47 \nsystem.xml.dll| 4.7.2612.0| 2,670,224| 22-Nov-2017| 20:59 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nuiautomationclientsideproviders.dll| 4.7.2672.0| 361,336| 19-Jul-2018| 22:47 \nuiautomationclient.dll| 4.7.2672.0| 177,984| 19-Jul-2018| 22:47 \nuiautomationprovider.dll| 4.7.2672.0| 48,968| 19-Jul-2018| 22:47 \nuiautomationtypes.dll| 4.7.2672.0| 220,992| 19-Jul-2018| 22:47 \nwebengine4.dll| 4.7.2623.0| 667,792| 30-Nov-2017| 04:12 \nwebengine.dll| 4.7.2623.0| 26,256| 30-Nov-2017| 04:12 \nwindowsbase.dll| 4.7.2672.0| 1,289,512| 19-Jul-2018| 22:47 \nwminet_utils.dll| 4.7.2102.0| 188,088| 06-Jun-2017| 23:13 \nworkflowservicehostperformancecounters.dll| 4.7.3130.0| 101,136| 06-Jun-2018| 06:09 \nwpfgfx_v0400.dll| 4.7.2672.0| 1,766,864| 19-Jul-2018| 22:39 \npresentationcore.dll| 4.7.2672.0| 3,613,760| 19-Jul-2018| 22:39 \nsystem.data.dll| 4.7.2623.0| 3,461,784| 30-Nov-2017| 04:12 \nsystem.transactions.dll| 4.6.1099.0| 306,888| 27-Mar-2017| 03:29 \nsystem.web.dll| 4.7.2623.0| 5,397,136| 30-Nov-2017| 04:12 \npresentationframework.dll| 4.7.2672.0| 6,210,896| 19-Jul-2018| 22:47 \nsmdiagnostics.dll| 4.7.3130.0| 73,808| 06-Jun-2018| 06:16 \nsystem.activities.dll| 4.7.3130.0| 1,532,544| 06-Jun-2018| 06:16 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.data.sqlxml.dll| 4.7.2612.0| 734,400| 22-Nov-2017| 20:59 \nsystem.deployment.dll| 4.6.1099.0| 846,016| 27-Mar-2017| 03:33 \nsystem.directoryservices.accountmanagement.dll| 4.7.2623.0| 296,216| 30-Nov-2017| 04:16 \nsystem.directoryservices.protocols.dll| 4.6.1099.0| 200,488| 27-Mar-2017| 03:33 \nsystem.drawing.dll| 4.6.1099.0| 594,616| 27-Mar-2017| 03:33 \nsystem.identitymodel.services.dll| 4.7.3130.0| 198,376| 06-Jun-2018| 06:16 \nsystem.identitymodel.dll| 4.7.3130.0| 1,090,176| 06-Jun-2018| 06:16 \nsystem.management.dll| 4.7.2102.0| 415,432| 06-Jun-2017| 23:17 \nsystem.net.http.dll| 4.7.2634.0| 203,352| 02-Feb-2018| 21:11 \nsystem.runtime.caching.dll| 4.6.1649.1| 108,920| 21-Apr-2017| 05:35 \nsystem.runtime.remoting.dll| 4.7.2114.0| 347,368| 30-Aug-2017| 06:04 \nsystem.runtime.serialization.dll| 4.7.3130.0| 1,056,456| 06-Jun-2018| 06:16 \nsystem.security.dll| 4.7.2650.0| 324,696| 21-Mar-2018| 04:49 \nsystem.servicemodel.channels.dll| 4.7.3130.0| 157,928| 06-Jun-2018| 06:16 \nsystem.servicemodel.discovery.dll| 4.7.3130.0| 308,456| 06-Jun-2018| 06:16 \nsystem.servicemodel.internals.dll| 4.7.3130.0| 260,808| 06-Jun-2018| 06:16 \nsystem.servicemodel.routing.dll| 4.6.1099.0| 130,288| 27-Mar-2017| 03:33 \nsystem.servicemodel.washosting.dll| 4.7.3130.0| 39,656| 06-Jun-2018| 06:16 \nsystem.servicemodel.dll| 4.7.3130.0| 6,321,784| 06-Jun-2018| 06:16 \nsystem.web.applicationservices.dll| 4.7.2623.0| 70,912| 30-Nov-2017| 04:16 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nsystem.windows.controls.ribbon.dll| 4.7.2672.0| 742,608| 19-Jul-2018| 22:47 \nsystem.windows.forms.dll| 4.7.2114.0| 5,181,656| 30-Aug-2017| 06:04 \nsystem.workflow.activities.dll| 4.7.3130.0| 1,051,360| 06-Jun-2018| 06:16 \nsystem.workflow.componentmodel.dll| 4.7.3130.0| 1,542,384| 06-Jun-2018| 06:16 \nsystem.workflow.runtime.dll| 4.7.3130.0| 498,896| 06-Jun-2018| 06:16 \nsystem.xaml.dll| 4.7.2672.0| 643,560| 19-Jul-2018| 22:47 \nsystem.xml.dll| 4.7.2612.0| 2,670,224| 22-Nov-2017| 20:59 \nsystem.dll| 4.7.3151.0| 3,555,872| 10-Jul-2018| 06:53 \nuiautomationclientsideproviders.dll| 4.7.2672.0| 361,336| 19-Jul-2018| 22:47 \nuiautomationclient.dll| 4.7.2672.0| 177,984| 19-Jul-2018| 22:47 \nuiautomationprovider.dll| 4.7.2672.0| 48,968| 19-Jul-2018| 22:47 \nuiautomationtypes.dll| 4.7.2672.0| 220,992| 19-Jul-2018| 22:47 \nwindowsbase.dll| 4.7.2672.0| 1,289,512| 19-Jul-2018| 22:47 \nmscorlib.dll| 4.7.3133.0| 5,638,272| 25-Jul-2018| 02:50 \nnormidna.nlp| | 59,342| 02-Nov-2017| 02:14 \nnormnfc.nlp| | 47,076| 02-Nov-2017| 02:14 \nnormnfd.nlp| | 40,566| 02-Nov-2017| 02:14 \nnormnfkc.nlp| | 67,808| 02-Nov-2017| 02:14 \nnormnfkd.nlp| | 61,718| 02-Nov-2017| 02:14 \naspnet_perf.dll| 4.7.2623.0| 42,648| 30-Nov-2017| 04:16 \naspnet_state_perf.h| | 318| 30-Nov-2017| 02:23 \naspnet_state_perf.ini| | 42,996| 30-Nov-2017| 04:18 \naspnet_wp.exe| 4.7.2623.0| 46,176| 30-Nov-2017| 04:16 \nclrjit.dll| 4.7.3133.0| 524,288| 25-Jul-2018| 02:50 \nclr.dll| 4.7.3133.0| 7,249,400| 25-Jul-2018| 02:50 \ndfdll.dll| 4.6.1099.0| 154,768| 27-Mar-2017| 03:33 \nglobalmonospace.compositefont| | 26,040| 17-May-2018| 04:37 \nglobalsansserif.compositefont| | 26,489| 17-May-2018| 04:37 \nglobalserif.compositefont| | 29,779| 17-May-2018| 04:37 \nglobaluserinterface.compositefont| | 186,009| 19-Jul-2018| 19:11 \nmscordacwks.dll| 4.7.3133.0| 1,345,992| 25-Jul-2018| 02:50 \nmscordbi.dll| 4.7.3133.0| 1,170,440| 25-Jul-2018| 02:50 \nmscoreei.dll| 4.6.1099.0| 497,824| 27-Mar-2017| 03:33 \nmsvcp120_clr0400.dll| 12.0.52519.0| 485,576| 11-May-2018| 01:43 \nmsvcr120_clr0400.dll| 12.0.52519.0| 987,840| 11-May-2018| 01:43 \npenimc.dll| 14.7.2634.0| 19,096| 02-Feb-2018| 21:11 \npenimc2_v0400.dll| 4.7.2672.0| 86,160| 19-Jul-2018| 22:47 \npenimc_v0400.dll| 4.7.2634.0| 24,728| 02-Feb-2018| 21:11 \npeverify.dll| 4.7.3133.0| 189,960| 25-Jul-2018| 02:50 \npresentationhost_v0400.dll.mui| 4.7.2672.0| 84,704| 19-Jul-2018| 22:47 \npresentationhost_v0400.dll| 4.7.2672.0| 214,200| 19-Jul-2018| 22:47 \npresentationnative_v0400.dll| 4.7.2672.0| 827,096| 19-Jul-2018| 22:47 \nservicemonikersupport.dll| 4.7.3130.0| 29,384| 06-Jun-2018| 06:16 \nsos.dll| 4.7.3133.0| 744,952| 25-Jul-2018| 02:50 \nsystem.componentmodel.dataannotations.dll| 4.6.1099.0| 125,760| 27-Mar-2017| 03:33 \nsystem.core.dll| 4.7.2672.0| 1,485,144| 19-Jul-2018| 22:47 \nsystem.data.entity.dll| 4.7.2102.0| 4,033,744| 06-Jun-2017| 23:17 \nsystem.web.extensions.dll| 4.7.2623.0| 1,849,544| 30-Nov-2017| 04:16 \nwebengine4.dll| 4.7.2623.0| 550,032| 30-Nov-2017| 04:16 \nwebengine.dll| 4.7.2623.0| 24,712| 30-Nov-2017| 04:16 \nwminet_utils.dll| 4.7.2102.0| 136,368| 06-Jun-2017| 23:17 \nworkflowservicehostperformancecounters.dll| 4.7.3130.0| 89,384| 06-Jun-2018| 06:16 \nwpfgfx_v0400.dll| 4.7.2672.0| 1,345,160| 19-Jul-2018| 22:47 \npresentationcore.dll| 4.7.2672.0| 3,635,024| 19-Jul-2018| 22:47 \nsystem.data.dll| 4.7.2623.0| 3,397,272| 30-Nov-2017| 04:16 \nsystem.transactions.dll| 4.6.1099.0| 303,824| 27-Mar-2017| 03:33 \nsystem.web.dll| 4.7.2623.0| 5,409,936| 30-Nov-2017| 04:16 \n \n## How to obtain help and support for this security update\n\n * Help for installing updates: [Windows Update FAQ](<https://support.microsoft.com/en-us/help/12373/windows-update-faq>)\n * Security solutions for IT professionals: [TechNet Security Support and Troubleshooting](<https://technet.microsoft.com/security/bb980617.aspx>)\n * Help for protecting your Windows-based products and services from viruses and malware: [Microsoft Secure](<https://support.microsoft.com/contactus/cu_sc_virsec_master>)\n * Local support according to your country: [International Support](<http://support.microsoft.com>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344144)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4344144", "href": "https://support.microsoft.com/en-us/help/4344144", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-15T15:49:07", "description": "None\n## Improvements and fixes\n\nThis update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel\u00ae Core\u00ae processors and Intel\u00ae Xeon\u00ae processors ([CVE-2018-3620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>) and [CVE-2018-3646](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>)). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the [Windows Client](<https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4073119%2Fprotect-against-speculative-execution-side-channel-vulnerabilities-in&data=02%7C01%7C%7C5f093a5931474f6f371408d5fba393a8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636691602344611384&sdata=O0oGLDQ41ci60VkHx848zLZpCFVpy%2B5H%2Bwu1sNXuG%2FA%3D&reserved=0>) guidance KB article. (_These registry settings are enabled by default for Windows Client OS editions._)\n * Addresses additional issues with updated time zone information.\n * Addresses an issue that prevents users from unlocking their computer if their password has expired. This issue occurs when fast user switching has been disabled and the user has locked the computer.\n * Updates support for the draft version of the Token Binding protocol v0.16.\n * Addresses an issue in which decrypted data fails to clear from memory, in some cases, after a CAPI decryption operation was completed.\n * Ensures that Internet Explorer and Microsoft Edge support the preload=\"none\" tag.\n * Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) _and_ a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is \u201cThis module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement\u201d. For more information, see [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200](<https://na01.safelinks.protection.outlook.com/?url=https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=kSZ7s7nk9hHky/03rwqdcaoAMJdwJwd%2BsltaI4ODW/s%3D&reserved=0>) and [https://aka.ms/PSModuleFunctionExport](<https://na01.safelinks.protection.outlook.com/?url=https://aka.ms/PSModuleFunctionExport&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=muUIr/qbRp8/%2B5fPfLzgY8OcpAEVxR3s9gS5bI6aFAg%3D&reserved=0>).\n * Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of \u201caccess denied,\u201d \u201cclass not registered,\u201d or \u201cinternal failure occurred for unknown reasons\u201d errors.\n * Addresses a vulnerability issue by correcting the way that the .NET Framework handles high-load or high-density network connections. For more information, see [CVE-2018-8360](<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.msrc.microsoft.com%2Fsecurity-guidance%2Fadvisory%2FCVE-2018-8360&data=02%7C01%7C%7C111dc7208a70414e6bee08d602d7ad2f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636699522675716939&sdata=LgAttISSbu40x0et1EFqQUqJAPTJGmmqTdB6foyZAZ8%3D&reserved=0>).\n * Extends the Key Management Service (KMS) to support the upcoming Windows 10 client Enterprise LTSC and Windows Server editions. For more information, see KB4347075.\n * Security updates to Windows Server.\nIf you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4343892>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4343892](<http://download.microsoft.com/download/C/D/8/CD8936B0-36F5-4487-898F-F708F7712B3C/4343892.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "August 14, 2018\u2014KB4343892 (OS Build 10240.17946)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-8360", "CVE-2018-8385"], "modified": "2018-08-14T07:00:00", "id": "KB4343892", "href": "https://support.microsoft.com/en-us/help/4343892", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:04:16", "description": "None\n**Note** This release also contains updates for Windows 10 Mobile (OS Build 15063.1266) released August 14, 2018.\n\n## Improvements and fixes\n\nThis update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel\u00ae Core\u00ae processors and Intel\u00ae Xeon\u00ae processors ([CVE-2018-3620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>) and [CVE-2018-3646](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>)). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the [Windows Client](<https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4073119%2Fprotect-against-speculative-execution-side-channel-vulnerabilities-in&data=02%7C01%7C%7C5f093a5931474f6f371408d5fba393a8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636691602344611384&sdata=O0oGLDQ41ci60VkHx848zLZpCFVpy%2B5H%2Bwu1sNXuG%2FA%3D&reserved=0>) guidance KB article. (_These registry settings are enabled by default for Windows Client OS editions._)\n * Addresses an issue that causes Internet Explorer to stop working for certain websites.\n * Updates support for the draft version of the Token Binding protocol v0.16.\n * Addresses an issue that causes Device Guard to block some **ieframe.dll** class IDs after installing the May 2018 Cumulative Update.\n * Ensures that Internet Explorer and Microsoft Edge support the preload=\"none\" tag.\n * Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) _and_ a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is \u201cThis module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement\u201d. For more information, see [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200](<https://na01.safelinks.protection.outlook.com/?url=https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=kSZ7s7nk9hHky/03rwqdcaoAMJdwJwd%2BsltaI4ODW/s%3D&reserved=0>) and [https://aka.ms/PSModuleFunctionExport](<https://na01.safelinks.protection.outlook.com/?url=https://aka.ms/PSModuleFunctionExport&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=muUIr/qbRp8/%2B5fPfLzgY8OcpAEVxR3s9gS5bI6aFAg%3D&reserved=0>).\n * Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of \u201caccess denied,\u201d \u201cclass not registered,\u201d or \u201cinternal failure occurred for unknown reasons\u201d errors.\n * Addresses a vulnerability issue by correcting the way that the .NET Framework handles high-load or high-density network connections. For more information, see [CVE-2018-8360](<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.msrc.microsoft.com%2Fsecurity-guidance%2Fadvisory%2FCVE-2018-8360&data=02%7C01%7C%7C111dc7208a70414e6bee08d602d7ad2f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636699522675716939&sdata=LgAttISSbu40x0et1EFqQUqJAPTJGmmqTdB6foyZAZ8%3D&reserved=0>).\n * Security updates to Windows Server.\nIf you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4343885>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4343885](<http://download.microsoft.com/download/A/B/3/AB3657EE-8C78-46B7-B1F6-ECCC34E5F627/4343885.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "August 14, 2018\u2014KB4343885 (OS Build 15063.1266)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8385", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-3620", "CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4343885", "href": "https://support.microsoft.com/en-us/help/4343885", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:04:21", "description": "None\n## Improvements and fixes\n\nThis update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel\u00ae Core\u00ae processors and Intel\u00ae Xeon\u00ae processors ([CVE-2018-3620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>) and [CVE-2018-3646](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>)). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the [Windows Client](<https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4073119%2Fprotect-against-speculative-execution-side-channel-vulnerabilities-in&data=02%7C01%7C%7C5f093a5931474f6f371408d5fba393a8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636691602344611384&sdata=O0oGLDQ41ci60VkHx848zLZpCFVpy%2B5H%2Bwu1sNXuG%2FA%3D&reserved=0>) and [Windows Server](<https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4072698%2Fwindows-server-guidance-to-protect-against-the-speculative-execution&data=02%7C01%7C%7C5f093a5931474f6f371408d5fba393a8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636691602344621389&sdata=3AsCxE7BxWnxLjOiS3fBBT%2FNJ144HgvwBotv%2FazrX%2Fk%3D&reserved=0>) guidance KB articles. (_These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions._)\n * Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 ([CVE-2017-5715](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002>) \u2013 Branch Target Injection).\n * Updates support for the draft version of the Token Binding protocol v0.16.\n * Addresses an issue that causes Device Guard to block some **ieframe.dll** class IDs after the May 2018 Cumulative Update is installed.\n * Ensures that Internet Explorer and Microsoft Edge support the preload=\"none\" tag.\n * Addresses an issue that displays \u201cAzureAD\u201d as the default domain on the sign-in screen after installing the July 24, 2018 update on a Hybrid Azure AD-joined machine. As a result, users may fail to sign in in Hybrid Azure AD-joined scenarios when users provide only their username and password.\n * Addresses an issue that adds additional spaces to content that's copied from Internet Explorer to other apps.\n * Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) _and_ a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is \u201cThis module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement\u201d. For more information, see [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200](<https://na01.safelinks.protection.outlook.com/?url=https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=kSZ7s7nk9hHky/03rwqdcaoAMJdwJwd%2BsltaI4ODW/s%3D&reserved=0>) and [https://aka.ms/PSModuleFunctionExport](<https://na01.safelinks.protection.outlook.com/?url=https://aka.ms/PSModuleFunctionExport&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=muUIr/qbRp8/%2B5fPfLzgY8OcpAEVxR3s9gS5bI6aFAg%3D&reserved=0>) .\n * Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of \u201caccess denied,\u201d \u201cclass not registered,\u201d or \u201cinternal failure occurred for unknown reasons\u201d errors.\n * Addresses a vulnerability issue by correcting the way that the .NET Framework handles high-load or high-density network connections. For more information, see [CVE-2018-8360](<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.msrc.microsoft.com%2Fsecurity-guidance%2Fadvisory%2FCVE-2018-8360&data=02%7C01%7C%7C111dc7208a70414e6bee08d602d7ad2f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636699522675716939&sdata=LgAttISSbu40x0et1EFqQUqJAPTJGmmqTdB6foyZAZ8%3D&reserved=0>).\n * Security updates to Windows Server.\nIf you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nSymptom| Workaround \n---|--- \nSome non-English platforms may display the following string in English instead of the localized language: \u201dReading scheduled jobs from file is not supported in this language mode.\u201d This error appears when you try to read the scheduled jobs you've created and Device Guard is enabled| After evaluation, Microsoft has determined that this is a low probability and a low-risk issue, and we will not provide a solution at this time for Windows 10, version 1709. If you believe that you are affected by this issue, please contact [Microsoft Support](<https://support.microsoft.com/en-us/gp/contactus81?forceorigin=esmc&Audience=Commercial>). \nWhen Device Guard is enabled, some non-English platforms may display the following strings in English instead of the localized language:\n\n * \"Cannot use '&' or '.' operators to invoke a module scope command across language boundaries.\"\n * \"'Script' resource from 'PSDesiredStateConfiguration' module is not supported when Device Guard is enabled. Please use 'Script' resource published by PSDscResources module from PowerShell Gallery.\"\n| After evaluation, Microsoft has determined that this is a low probability and a low-risk issue, and we will not provide a solution at this time for Windows 10, version 1709. If you believe that you are affected by this issue, please contact [Microsoft Support](<https://support.microsoft.com/en-us/gp/contactus81?forceorigin=esmc&Audience=Commercial>). \nAfter installing this update, Windows no longer recognizes the Personal Information exchange (PFX) certificate that\u2019s used for authenticating to a Wi-Fi or VPN connection. As a result, Microsoft Intune takes a long time to deliver user profiles because it doesn\u2019t recognize that the required certificate is on the device.| This issue is resolved in KB4464217. \n \n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the stand-alone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4343897 >) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4343897](<http://download.microsoft.com/download/D/3/7/D3797C34-3187-4C5B-9CF1-CFD920BDFD69/4343897.csv>). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "August 14, 2018\u2014KB4343897 (OS Build 16299.611)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8385", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-3620", "CVE-2017-5715", "CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4343897", "href": "https://support.microsoft.com/en-us/help/4343897", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:04:27", "description": "None\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 17134.228) released August 14, 2018.\n\n## Improvements and fixes\n\nThis update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel\u00ae Core\u00ae processors and Intel\u00ae Xeon\u00ae processors ([CVE-2018-3620](<https://portal.msrc.microsoft.com/security-guidance/advisory/ADV180018>) and [CVE-2018-3646)](<https://portal.msrc.microsoft.com/security-guidance/advisory/ADV180018>). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (_These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)_\n * Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 ([CVE-2017-5715](<https://portal.msrc.microsoft.com/security-guidance/advisory/ADV180002>) \u2013 Branch Target Injection).\n * Addresses an issue that prevents apps from receiving mesh updates after resuming. This issue occurs for apps that use Spatial Mapping mesh data and participate in the Sleep or Resume cycle.\n * Ensures that Internet Explorer and Microsoft Edge support the preload=\"none\" tag.\n * Addresses an issue that prevents some applications running on HoloLens, such as Remote Assistance, from authenticating after upgrading from Windows 10, version 1607, to Windows 10, version 1803.\n * Addresses an issue that significantly reduced battery life after upgrading to Windows 10, version 1803.\n * Addresses an issue that causes Device Guard to block some **ieframe.dll** class IDs after installing the May 2018 Cumulative Update.\n * Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) _and_ a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is \u201cThis module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement.\u201d For more information, see <https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8200> and <https://aka.ms/PSModuleFunctionExport>.\n * Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of \u201caccess denied,\u201d \u201cclass not registered,\u201d or \u201cinternal failure occurred for unknown reasons\u201d errors.\n * Addresses a vulnerability issue by correcting the way that the .NET Framework handles high-load or high-density network connections. For more information, see [CVE-2018-8360](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8360>).\n * Security updates to Windows Server.\nIf you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nSymptom| Workaround \n---|--- \nLaunching Microsoft Edge using the **New Application Guard****Window** may fail; normal Microsoft Edge instances are not affected.| This issue is resolved in KB4346783. \nAfter installing this update, Windows no longer recognizes the Personal Information exchange (PFX) certificate that\u2019s used for authenticating to a Wi-Fi or VPN connection. As a result, Microsoft Intune takes a long time to deliver user profiles because it doesn\u2019t recognize that the required certificate is on the device.| This issue is resolved in KB4464218. \n \n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4343909>) website.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4343909](<http://download.microsoft.com/download/7/D/7/7D711C08-831D-40A0-A8CA-50156D5CED24/4343909.csv>). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "August 14, 2018\u2014KB4343909 (OS Build 17134.228)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8385", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-3620", "CVE-2017-5715", "CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "KB4343909", "href": "https://support.microsoft.com/en-us/help/4343909", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T15:49:05", "description": "None\n**Note** This release also contains updates for Windows 10 Mobile (OS Build 14393.2431) released August 14, 2018.\n\n_Windows 10, version 1607, reached end of service on April 10, 2018. Devices running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. __To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._**IMPORTANT: **Windows 10 Enterprise and Windows 10 Education editions will receive six months of additional servicing at no cost. Devices on the Long-Term Servicing Channels (LTSC) will continue to receive updates until October 2026 per the [Lifecycle Policy page](<https://support.microsoft.com/en-us/lifecycle/search?alpha=Windows%2010>). Windows 10 Anniversary Update (v. 1607) devices running the Intel \u201cClovertrail\u201d chipset will continue to receive updates until January 2023 per the [Microsoft Community blog](<https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/intel-clover-trail-processors-are-not-supported-on/ed1823d3-c82c-4d7f-ba9d-43ecbcf526e9?auth=1>).\n\n## Improvements and fixes\n\nThis update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:\n\n * Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel\u00ae Core\u00ae processors and Intel\u00ae Xeon\u00ae processors ([CVE-2018-3620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>) and [CVE-2018-3646](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018>)). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the [Windows Client](<https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4073119%2Fprotect-against-speculative-execution-side-channel-vulnerabilities-in&data=02%7C01%7C%7C5f093a5931474f6f371408d5fba393a8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636691602344611384&sdata=O0oGLDQ41ci60VkHx848zLZpCFVpy%2B5H%2Bwu1sNXuG%2FA%3D&reserved=0>) and [Windows Server](<https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4072698%2Fwindows-server-guidance-to-protect-against-the-speculative-execution&data=02%7C01%7C%7C5f093a5931474f6f371408d5fba393a8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636691602344621389&sdata=3AsCxE7BxWnxLjOiS3fBBT%2FNJ144HgvwBotv%2FazrX%2Fk%3D&reserved=0>) guidance KB articles. (_These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)_\n * Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 ([CVE-2017-5715](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002>) \u2013 Branch Target Injection).\n * Addresses an issue that causes Internet Explorer to stop working for certain websites.\n * Addresses an issue that causes Device Guard to block some **ieframe.dll** class IDs after installing the May 2018 Cumulative Update.\n * Ensures that Internet Explorer and Microsoft Edge support the preload=\"none\" tag.\n * Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) _and_ a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is \u201cThis module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement\u201d. For more information, see [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200](<https://na01.safelinks.protection.outlook.com/?url=https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=kSZ7s7nk9hHky/03rwqdcaoAMJdwJwd%2BsltaI4ODW/s%3D&reserved=0>) and [https://aka.ms/PSModuleFunctionExport](<https://na01.safelinks.protection.outlook.com/?url=https://aka.ms/PSModuleFunctionExport&data=02%7c01%7c%7c8a6ab318938545f3ed6108d5fe1b548e%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636694315694526873&sdata=muUIr/qbRp8/%2B5fPfLzgY8OcpAEVxR3s9gS5bI6aFAg%3D&reserved=0>).\n * Addresses a vulnerability issue by correcting the way that the .NET Framework handles high-load or high-density network connections. For more information, see [CVE-2018-8360](<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.msrc.microsoft.com%2Fsecurity-guidance%2Fadvisory%2FCVE-2018-8360&data=02%7C01%7C%7C111dc7208a70414e6bee08d602d7ad2f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636699522675716939&sdata=LgAttISSbu40x0et1EFqQUqJAPTJGmmqTdB6foyZAZ8%3D&reserved=0>).\n * Security updates to Windows Server.\n**Note **This update is not available with express installation files for Windows Server 2016.If you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\nThis update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4343887>) website.**Prerequisite: **The servicing stack update (SSU) ([KB4132216](<https://support.microsoft.com/help/4132216/>)) must be installed _before_ installing the latest cumulative update (LCU) (KB4343887). The LCU will not be reported as applicable until the SSU is installed.**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4343887](<http://download.microsoft.com/download/2/9/A/29A00447-736F-4259-926E-650849687D10/4343887.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mskb", "title": "August 14, 2018\u2014KB4343887 (OS Build 14393.2430)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5715", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-8360", "CVE-2018-8385"], "modified": "2018-08-14T07:00:00", "id": "KB4343887", "href": "https://support.microsoft.com/en-us/help/4343887", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2021-12-06T18:25:18", "description": "An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n\nTo exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another.\n\nThe security update addresses the vulnerability by correcting the way .NET Framework handles high-load/high-density network connections.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-14T07:00:00", "type": "mscve", "title": ".NET Framework Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2018-08-14T07:00:00", "id": "MS:CVE-2018-8360", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-8360", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-05-23T19:16:49", "description": "An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka \".NET Framework Information Disclosure Vulnerability.\" This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-15T17:29:00", "type": "cve", "title": "CVE-2018-8360", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8360"], "modified": "2022-05-23T17:29:00", "cpe": ["cpe:/a:microsoft:.net_framework:3.5.1", "cpe:/a:microsoft:.net_framework:4.6.1", "cpe:/a:microsoft:.net_framework:2.0", "cpe:/a:microsoft:.net_framework:4.6.2", "cpe:/a:microsoft:.net_framework:4.7.2", "cpe:/a:microsoft:.net_framework:4.7.1", "cpe:/a:microsoft:.net_framework:3.5", "cpe:/a:microsoft:.net_framework:4.6", "cpe:/a:microsoft:.net_framework:4.5.2", "cpe:/a:microsoft:.net_framework:4.7", "cpe:/a:microsoft:.net_framework:3.0"], "id": "CVE-2018-8360", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8360", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2022-06-16T16:28:10", "description": "The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability :\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft .NET Framework (August 2018)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8360"], "modified": "2019-11-04T00:00:00", "cpe": ["cpe:/a:microsoft:.net_framework"], "id": "SMB_NT_MS18_AUG_DOTNET.NASL", "href": "https://www.tenable.com/plugins/nessus/111693", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111693);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\"CVE-2018-8360\");\n script_bugtraq_id(104986);\n script_xref(name:\"MSKB\", value:\"4343887\");\n script_xref(name:\"MSKB\", value:\"4343885\");\n script_xref(name:\"MSKB\", value:\"4343909\");\n script_xref(name:\"MSKB\", value:\"4344147\");\n script_xref(name:\"MSKB\", value:\"4344146\");\n script_xref(name:\"MSKB\", value:\"4344145\");\n script_xref(name:\"MSKB\", value:\"4344144\");\n script_xref(name:\"MSKB\", value:\"4344165\");\n script_xref(name:\"MSKB\", value:\"4344167\");\n script_xref(name:\"MSKB\", value:\"4344166\");\n script_xref(name:\"MSKB\", value:\"4344149\");\n script_xref(name:\"MSKB\", value:\"4344148\");\n script_xref(name:\"MSKB\", value:\"4344152\");\n script_xref(name:\"MSKB\", value:\"4343897\");\n script_xref(name:\"MSKB\", value:\"4343892\");\n script_xref(name:\"MSKB\", value:\"4344150\");\n script_xref(name:\"MSKB\", value:\"4344151\");\n script_xref(name:\"MSKB\", value:\"4344178\");\n script_xref(name:\"MSKB\", value:\"4344153\");\n script_xref(name:\"MSKB\", value:\"4344176\");\n script_xref(name:\"MSKB\", value:\"4344177\");\n script_xref(name:\"MSKB\", value:\"4344175\");\n script_xref(name:\"MSKB\", value:\"4344172\");\n script_xref(name:\"MSKB\", value:\"4344173\");\n script_xref(name:\"MSKB\", value:\"4344171\");\n script_xref(name:\"MSFT\", value:\"MS18-4343887\");\n script_xref(name:\"MSFT\", value:\"MS18-4343885\");\n script_xref(name:\"MSFT\", value:\"MS18-4343909\");\n script_xref(name:\"MSFT\", value:\"MS18-4344147\");\n script_xref(name:\"MSFT\", value:\"MS18-4344146\");\n script_xref(name:\"MSFT\", value:\"MS18-4344145\");\n script_xref(name:\"MSFT\", value:\"MS18-4344144\");\n script_xref(name:\"MSFT\", value:\"MS18-4344165\");\n script_xref(name:\"MSFT\", value:\"MS18-4344167\");\n script_xref(name:\"MSFT\", value:\"MS18-4344166\");\n script_xref(name:\"MSFT\", value:\"MS18-4344149\");\n script_xref(name:\"MSFT\", value:\"MS18-4344148\");\n script_xref(name:\"MSFT\", value:\"MS18-4344152\");\n script_xref(name:\"MSFT\", value:\"MS18-4343897\");\n script_xref(name:\"MSFT\", value:\"MS18-4343892\");\n script_xref(name:\"MSFT\", value:\"MS18-4344150\");\n script_xref(name:\"MSFT\", value:\"MS18-4344151\");\n script_xref(name:\"MSFT\", value:\"MS18-4344178\");\n script_xref(name:\"MSFT\", value:\"MS18-4344153\");\n script_xref(name:\"MSFT\", value:\"MS18-4344176\");\n script_xref(name:\"MSFT\", value:\"MS18-4344177\");\n script_xref(name:\"MSFT\", value:\"MS18-4344175\");\n script_xref(name:\"MSFT\", value:\"MS18-4344172\");\n script_xref(name:\"MSFT\", value:\"MS18-4344173\");\n script_xref(name:\"MSFT\", value:\"MS18-4344171\");\n\n script_name(english:\"Security Updates for Microsoft .NET Framework (August 2018)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft .NET Framework installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft .NET Framework installation on the remote host\nis missing a security update. It is, therefore, affected by\nthe following vulnerability :\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\");\n # https://support.microsoft.com/en-us/help/4343887/windows-10-update-kb4343887\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?93e63484\");\n # https://support.microsoft.com/en-us/help/4343885/windows-10-update-kb4343885\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2be0b30b\");\n # https://support.microsoft.com/en-us/help/4343909/windows-10-update-kb4343909\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3356f605\");\n # https://support.microsoft.com/en-us/help/4344147/description-of-the-security-and-quality-rollup-for-net-framework-4-5-2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?09b4cda4\");\n # https://support.microsoft.com/en-us/help/4344146/description-of-the-security-and-quality-rollup-for-net-framework-4-6-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5d44cd3a\");\n # https://support.microsoft.com/en-us/help/4344145/description-of-the-security-and-quality-rollup-for-net-framework-4-6-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?28c48173\");\n # https://support.microsoft.com/en-us/help/4344144/description-of-the-security-and-quality-rollup-for-net-framework-4-6-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cd89d90f\");\n # https://support.microsoft.com/en-us/help/4344165/description-of-the-security-only-update-for-net-framework-4-6-4-6-1-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2837f4a2\");\n # https://support.microsoft.com/en-us/help/4344167/description-of-the-security-only-update-for-net-framework-4-6-4-6-1-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bf699f3a\");\n # https://support.microsoft.com/en-us/help/4344166/description-of-the-security-only-update-for-net-framework-4-6-4-6-1-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?124e7bc7\");\n # https://support.microsoft.com/en-us/help/4344149/description-of-the-security-and-quality-rollup-for-net-framework-4-5-2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cb3801fe\");\n # https://support.microsoft.com/en-us/help/4344148/description-of-the-security-and-quality-rollup-for-net-framework-4-5-2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9ab9852e\");\n # https://support.microsoft.com/en-us/help/4344152/description-of-the-security-and-quality-rollup-for-net-framework-3-5-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f052611d\");\n # https://support.microsoft.com/en-us/help/4343897/windows-10-update-kb4343897\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?770b7995\");\n # https://support.microsoft.com/en-us/help/4343892/windows-10-update-kb4343892\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e04d903e\");\n # https://support.microsoft.com/en-us/help/4344150/description-of-the-security-and-quality-rollup-for-net-framework-3-5-f\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e98b4c8a\");\n # https://support.microsoft.com/en-us/help/4344151/description-of-the-security-and-quality-rollup-for-net-framework-2-0-s\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7d39617b\");\n # https://support.microsoft.com/en-us/help/4344178/description-of-the-security-only-update-for-net-framework-3-5-for-wind\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?088c4696\");\n # https://support.microsoft.com/en-us/help/4344153/description-of-the-security-and-quality-rollup-for-net-framework-3-5-f\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9775d00a\");\n # https://support.microsoft.com/en-us/help/4344176/description-of-the-security-only-update-for-net-framework-2-0-sp2-and\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d0e06c76\");\n # https://support.microsoft.com/en-us/help/4344177/description-of-the-security-only-update-for-net-framework-3-5-1-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?44da5a9a\");\n # https://support.microsoft.com/en-us/help/4344175/description-of-the-security-only-update-for-net-framework-3-5-for-wind\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c14a7305\");\n # https://support.microsoft.com/en-us/help/4344172/description-of-the-security-only-update-for-net-framework-4-5-2-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?17554e6e\");\n # https://support.microsoft.com/en-us/help/4344173/description-of-the-security-only-update-for-net-framework-4-5-2-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8618865f\");\n # https://support.microsoft.com/en-us/help/4344171/description-of-the-security-only-update-for-net-framework-4-5-2-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd8bc23c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released security updates for Microsoft .NET Framework.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8360\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_framework\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_dotnet_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_net_framework_installed.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS18-08\";\nkbs = make_list(\n \"4343885\",\n \"4343887\",\n \"4343892\",\n \"4343897\",\n \"4343909\",\n \"4344144\",\n \"4344145\",\n \"4344146\",\n \"4344147\",\n \"4344148\",\n \"4344149\",\n \"4344150\",\n \"4344151\",\n \"4344152\",\n \"4344153\",\n \"4344165\",\n \"4344166\",\n \"4344167\",\n \"4344171\",\n \"4344172\",\n \"4344173\",\n \"4344175\",\n \"4344176\",\n \"4344177\",\n \"4344178\"\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"Windows 8.1\" >!< productname) audit(AUDIT_OS_SP_NOT_VULN);\nelse if (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(exit_on_fail:TRUE, as_share:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\napp = 'Microsoft .NET Framework';\nget_install_count(app_name:app, exit_if_zero:TRUE);\ninstalls = get_combined_installs(app_name:app);\n\nvuln = 0;\n\nif (installs[0] == 0)\n{\n foreach install (installs[1])\n {\n version = install['version'];\n if( version != UNKNOWN_VER &&\n smb_check_dotnet_rollup(rollup_date:\"08_2018\", dotnet_ver:version))\n vuln++;\n }\n}\nif(vuln)\n{\n hotfix_security_warning();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:26:33", "description": "The remote Windows host is missing security update 4343896 or cumulative update 4343901. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8343)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343896: Windows Server 2012 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8341", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8360", "CVE-2018-8371", "CVE-2018-8373", "CVE-2018-8385", "CVE-2018-8389", "CVE-2018-8394", "CVE-2018-8398", "CVE-2018-8403", "CVE-2018-8404"], "modified": "2022-03-28T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_AUG_4343901.NASL", "href": "https://www.tenable.com/plugins/nessus/111690", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111690);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/28\");\n\n script_cve_id(\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8341\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8360\",\n \"CVE-2018-8371\",\n \"CVE-2018-8373\",\n \"CVE-2018-8385\",\n \"CVE-2018-8389\",\n \"CVE-2018-8394\",\n \"CVE-2018-8398\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\"\n );\n script_bugtraq_id(\n 104982,\n 104983,\n 104984,\n 104986,\n 104987,\n 104992,\n 104995,\n 104999,\n 105001,\n 105027,\n 105030\n );\n script_xref(name:\"MSKB\", value:\"4343896\");\n script_xref(name:\"MSKB\", value:\"4343901\");\n script_xref(name:\"MSFT\", value:\"MS18-4343896\");\n script_xref(name:\"MSFT\", value:\"MS18-4343901\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n\n script_name(english:\"KB4343896: Windows Server 2012 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343896\nor cumulative update 4343901. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8343)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\");\n # https://support.microsoft.com/en-us/help/4343896/windows-server-2012-update-kb4343896\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?55516671\");\n # https://support.microsoft.com/en-us/help/4343901/windows-server-2012-update-kb4343901\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f8d177a9\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4343896 or Cumulative Update KB4343901\nas well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8349\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343896', '4343901');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343896, 4343901])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:26:33", "description": "The remote Windows host is missing security update 4343888 or cumulative update 4343898. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345)\n\n - An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2018-8405)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8343)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests.\n (CVE-2018-8340)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343888: Windows 8.1 and Windows Server 2012 R2 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8340", "CVE-2018-8341", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8360", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8385", "CVE-2018-8389", "CVE-2018-8394", "CVE-2018-8398", "CVE-2018-8403", "CVE-2018-8404", "CVE-2018-8405"], "modified": "2022-03-29T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_AUG_4343898.NASL", "href": "https://www.tenable.com/plugins/nessus/111688", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111688);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/29\");\n\n script_cve_id(\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8340\",\n \"CVE-2018-8341\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8355\",\n \"CVE-2018-8360\",\n \"CVE-2018-8371\",\n \"CVE-2018-8372\",\n \"CVE-2018-8373\",\n \"CVE-2018-8385\",\n \"CVE-2018-8389\",\n \"CVE-2018-8394\",\n \"CVE-2018-8398\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\",\n \"CVE-2018-8405\"\n );\n script_bugtraq_id(\n 104978,\n 104982,\n 104983,\n 104984,\n 104986,\n 104987,\n 104992,\n 104995,\n 104999,\n 105001,\n 105011,\n 105027,\n 105029,\n 105030\n );\n script_xref(name:\"MSKB\", value:\"4343898\");\n script_xref(name:\"MSKB\", value:\"4343888\");\n script_xref(name:\"MSFT\", value:\"MS18-4343898\");\n script_xref(name:\"MSFT\", value:\"MS18-4343888\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n\n script_name(english:\"KB4343888: Windows 8.1 and Windows Server 2012 R2 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343888\nor cumulative update 4343898. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345)\n\n - An elevation of privilege vulnerability exists when the\n DirectX Graphics Kernel (DXGKRNL) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2018-8405)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8343)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - A security feature bypass vulnerability exists when\n Active Directory Federation Services (AD FS) improperly\n handles multi-factor authentication requests.\n (CVE-2018-8340)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\");\n # https://support.microsoft.com/en-us/help/4343898/windows-81-update-kb4343898\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?82e63681\");\n # https://support.microsoft.com/en-us/help/4343888/windows-81-update-kb4343888\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fda3003\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4343888 or Cumulative Update KB4343898\nas well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8349\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343898', '4343888');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343898, 4343888])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:27:21", "description": "The remote Windows host is missing security update 4343899 or cumulative update 4343900. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8342, CVE-2018-8343)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8396, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345, CVE-2018-8346)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8397)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343899: Windows 7 and Windows Server 2008 R2 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-3665", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8341", "CVE-2018-8342", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8346", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8360", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8385", "CVE-2018-8389", "CVE-2018-8394", "CVE-2018-8396", "CVE-2018-8397", "CVE-2018-8398", "CVE-2018-8403", "CVE-2018-8404"], "modified": "2022-03-28T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_AUG_4343900.NASL", "href": "https://www.tenable.com/plugins/nessus/111689", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111689);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/28\");\n\n script_cve_id(\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-3665\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8341\",\n \"CVE-2018-8342\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8346\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8355\",\n \"CVE-2018-8360\",\n \"CVE-2018-8371\",\n \"CVE-2018-8372\",\n \"CVE-2018-8373\",\n \"CVE-2018-8385\",\n \"CVE-2018-8389\",\n \"CVE-2018-8394\",\n \"CVE-2018-8396\",\n \"CVE-2018-8397\",\n \"CVE-2018-8398\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\"\n );\n script_bugtraq_id(\n 104975,\n 104978,\n 104982,\n 104983,\n 104984,\n 104986,\n 104987,\n 104992,\n 104994,\n 104995,\n 104999,\n 105001,\n 105002,\n 105027,\n 105028,\n 105030\n );\n script_xref(name:\"MSKB\", value:\"4343899\");\n script_xref(name:\"MSKB\", value:\"4343900\");\n script_xref(name:\"MSFT\", value:\"MS18-4343899\");\n script_xref(name:\"MSFT\", value:\"MS18-4343900\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n\n script_name(english:\"KB4343899: Windows 7 and Windows Server 2008 R2 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343899\nor cumulative update 4343900. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8342, CVE-2018-8343)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8396, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345,\n CVE-2018-8346)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8397)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\");\n # https://support.microsoft.com/en-us/help/4343899/windows-7-update-kb4343899\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3a469b20\");\n # https://support.microsoft.com/en-us/help/4343900/windows-7-update-kb4343900\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7990c33\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4343899 or Cumulative Update KB4343900\nas well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8397\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343899', '4343900');\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343899, 4343900])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-07T23:26:44", "description": "The remote Windows host is missing security update 4343892.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8266, CVE-2018-8381)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345)\n\n - An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2018-8401, CVE-2018-8405, CVE-2018-8406)\n\n - A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site. The update addresses the vulnerability by correcting how the WebAudio Library handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8343)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2018-8357)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343892: Windows 10 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0952", "CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-8204", "CVE-2018-8266", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8341", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8357", "CVE-2018-8360", "CVE-2018-8370", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8381", "CVE-2018-8385", "CVE-2018-8389", "CVE-2018-8394", "CVE-2018-8398", "CVE-2018-8401", "CVE-2018-8403", "CVE-2018-8404", "CVE-2018-8405", "CVE-2018-8406"], "modified": "2022-03-29T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_AUG_4343892.NASL", "href": "https://www.tenable.com/plugins/nessus/111686", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111686);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/29\");\n\n script_cve_id(\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-0952\",\n \"CVE-2018-8200\",\n \"CVE-2018-8204\",\n \"CVE-2018-8266\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8341\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8355\",\n \"CVE-2018-8357\",\n \"CVE-2018-8360\",\n \"CVE-2018-8370\",\n \"CVE-2018-8371\",\n \"CVE-2018-8372\",\n \"CVE-2018-8373\",\n \"CVE-2018-8381\",\n \"CVE-2018-8385\",\n \"CVE-2018-8389\",\n \"CVE-2018-8394\",\n \"CVE-2018-8398\",\n \"CVE-2018-8401\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\",\n \"CVE-2018-8405\",\n \"CVE-2018-8406\"\n );\n script_bugtraq_id(\n 104977,\n 104978,\n 104980,\n 104982,\n 104983,\n 104984,\n 104986,\n 104987,\n 104992,\n 104995,\n 104999,\n 105001,\n 105006,\n 105007,\n 105008,\n 105011,\n 105012,\n 105027,\n 105030,\n 105048\n );\n script_xref(name:\"MSKB\", value:\"4343892\");\n script_xref(name:\"MSFT\", value:\"MS18-4343892\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n\n script_name(english:\"KB4343892: Windows 10 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343892.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8404)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - An Elevation of Privilege vulnerability exists when\n Diagnostics Hub Standard Collector allows file creation\n in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8266, CVE-2018-8381)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345)\n\n - An elevation of privilege vulnerability exists when the\n DirectX Graphics Kernel (DXGKRNL) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2018-8401, CVE-2018-8405,\n CVE-2018-8406)\n\n - A information disclosure vulnerability exists when\n WebAudio Library improperly handles audio requests. An\n attacker who has successfully exploited this\n vulnerability might be able to read privileged data\n across trust boundaries. In browsing scenarios, an\n attacker could convince a user to visit a malicious site\n and leverage the vulnerability to obtain privileged\n information from the browser process, such as sensitive\n data from other opened tabs. An attacker could also\n inject malicious code into advertising networks used by\n trusted sites or embed malicious code on a compromised,\n but trusted, site. The update addresses the\n vulnerability by correcting how the WebAudio Library\n handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8343)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in\n Microsoft browsers allowing sandbox escape. An attacker\n who successfully exploited the vulnerability could use\n the sandbox escape to elevate privileges on an affected\n system. This vulnerability by itself does not allow\n arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2018-8357)\");\n # https://support.microsoft.com/en-us/help/4343892/windows-10-update-kb4343892\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e04d903e\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4343892 as well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8349\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343892');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343892])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-07T23:27:48", "description": "The remote Windows host is missing security update 4343887.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests. The vulnerability allows Microsoft Edge to bypass Cross- Origin Resource Sharing (CORS) redirect restrictions, and to follow redirect requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice. (CVE-2018-8358)\n\n - A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site. The update addresses the vulnerability by correcting how the WebAudio Library handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8404)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests.\n (CVE-2018-8340)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8266, CVE-2018-8381)\n\n - An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen. An attacker who successfully exploited the vulnerability could steal browser stored passwords or log on to websites as another user. (CVE-2018-8253)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2018-8401, CVE-2018-8405, CVE-2018-8406)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.\n (CVE-2018-8388)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343887: Windows 10 Version 1607 and Windows Server 2016 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0952", "CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-8204", "CVE-2018-8253", "CVE-2018-8266", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8340", "CVE-2018-8341", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8347", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8357", "CVE-2018-8358", "CVE-2018-8360", "CVE-2018-8370", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8381", "CVE-2018-8385", "CVE-2018-8388", "CVE-2018-8389", "CVE-2018-8394", "CVE-2018-8398", "CVE-2018-8401", "CVE-2018-8403", "CVE-2018-8404", "CVE-2018-8405", "CVE-2018-8406"], "modified": "2022-03-29T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_AUG_4343887.NASL", "href": "https://www.tenable.com/plugins/nessus/111685", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111685);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/29\");\n\n script_cve_id(\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-0952\",\n \"CVE-2018-8200\",\n \"CVE-2018-8204\",\n \"CVE-2018-8253\",\n \"CVE-2018-8266\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8340\",\n \"CVE-2018-8341\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8347\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8355\",\n \"CVE-2018-8357\",\n \"CVE-2018-8358\",\n \"CVE-2018-8360\",\n \"CVE-2018-8370\",\n \"CVE-2018-8371\",\n \"CVE-2018-8372\",\n \"CVE-2018-8373\",\n \"CVE-2018-8381\",\n \"CVE-2018-8385\",\n \"CVE-2018-8388\",\n \"CVE-2018-8389\",\n \"CVE-2018-8394\",\n \"CVE-2018-8398\",\n \"CVE-2018-8401\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\",\n \"CVE-2018-8405\",\n \"CVE-2018-8406\"\n );\n script_bugtraq_id(\n 104977,\n 104978,\n 104980,\n 104982,\n 104983,\n 104984,\n 104986,\n 104987,\n 104988,\n 104992,\n 104995,\n 104999,\n 105001,\n 105006,\n 105007,\n 105008,\n 105009,\n 105011,\n 105012,\n 105017,\n 105027,\n 105029,\n 105030,\n 105048\n );\n script_xref(name:\"MSKB\", value:\"4343887\");\n script_xref(name:\"MSFT\", value:\"MS18-4343887\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n\n script_name(english:\"KB4343887: Windows 10 Version 1607 and Windows Server 2016 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343887.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - A security feature bypass vulnerability exists when\n Microsoft Edge improperly handles redirect requests. The\n vulnerability allows Microsoft Edge to bypass Cross-\n Origin Resource Sharing (CORS) redirect restrictions,\n and to follow redirect requests that should otherwise be\n ignored. An attacker who successfully exploited the\n vulnerability could force the browser to send data that\n would otherwise be restricted to a destination website\n of the attacker's choice. (CVE-2018-8358)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows when the Windows kernel fails to\n properly handle parsing of certain symbolic links. An\n attacker who successfully exploited this vulnerability\n could potentially access privileged registry keys and\n thereby elevate permissions. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when\n WebAudio Library improperly handles audio requests. An\n attacker who has successfully exploited this\n vulnerability might be able to read privileged data\n across trust boundaries. In browsing scenarios, an\n attacker could convince a user to visit a malicious site\n and leverage the vulnerability to obtain privileged\n information from the browser process, such as sensitive\n data from other opened tabs. An attacker could also\n inject malicious code into advertising networks used by\n trusted sites or embed malicious code on a compromised,\n but trusted, site. The update addresses the\n vulnerability by correcting how the WebAudio Library\n handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8404)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - A security feature bypass vulnerability exists when\n Active Directory Federation Services (AD FS) improperly\n handles multi-factor authentication requests.\n (CVE-2018-8340)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8266, CVE-2018-8381)\n\n - An elevation of privilege vulnerability exists when\n Microsoft Cortana allows arbitrary website browsing on\n the lockscreen. An attacker who successfully exploited\n the vulnerability could steal browser stored passwords\n or log on to websites as another user. (CVE-2018-8253)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in\n Microsoft browsers allowing sandbox escape. An attacker\n who successfully exploited the vulnerability could use\n the sandbox escape to elevate privileges on an affected\n system. This vulnerability by itself does not allow\n arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when\n Diagnostics Hub Standard Collector allows file creation\n in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - An elevation of privilege vulnerability exists when the\n DirectX Graphics Kernel (DXGKRNL) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2018-8401, CVE-2018-8405,\n CVE-2018-8406)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8388)\");\n # https://support.microsoft.com/en-us/help/4343887/windows-10-update-kb4343887\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?93e63484\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4343887 as well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8349\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343887');\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343887])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-07T23:26:13", "description": "The remote Windows host is missing security update 4343885.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8390)\n\n - A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with elevated privileges. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges. (CVE-2018-8414)\n\n - A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8350)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site. The update addresses the vulnerability by correcting how the WebAudio Library handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8266, CVE-2018-8381)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8399, CVE-2018-8404)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2018-8401, CVE-2018-8405, CVE-2018-8406)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.\n (CVE-2018-8388)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343885: Windows 10 Version 1703 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0952", "CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-8204", "CVE-2018-8266", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8341", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8347", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8350", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8357", "CVE-2018-8360", "CVE-2018-8370", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8381", "CVE-2018-8385", "CVE-2018-8388", "CVE-2018-8389", "CVE-2018-8390", "CVE-2018-8394", "CVE-2018-8398", "CVE-2018-8399", "CVE-2018-8401", "CVE-2018-8403", "CVE-2018-8404", "CVE-2018-8405", "CVE-2018-8406", "CVE-2018-8414"], "modified": "2022-03-29T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_AUG_4343885.NASL", "href": "https://www.tenable.com/plugins/nessus/111684", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111684);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/29\");\n\n script_cve_id(\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-0952\",\n \"CVE-2018-8200\",\n \"CVE-2018-8204\",\n \"CVE-2018-8266\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8341\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8347\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8350\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8355\",\n \"CVE-2018-8357\",\n \"CVE-2018-8360\",\n \"CVE-2018-8370\",\n \"CVE-2018-8371\",\n \"CVE-2018-8372\",\n \"CVE-2018-8373\",\n \"CVE-2018-8381\",\n \"CVE-2018-8385\",\n \"CVE-2018-8388\",\n \"CVE-2018-8389\",\n \"CVE-2018-8390\",\n \"CVE-2018-8394\",\n \"CVE-2018-8398\",\n \"CVE-2018-8399\",\n \"CVE-2018-8401\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\",\n \"CVE-2018-8405\",\n \"CVE-2018-8406\",\n \"CVE-2018-8414\"\n );\n script_bugtraq_id(\n 104977,\n 104978,\n 104980,\n 104982,\n 104983,\n 104984,\n 104985,\n 104986,\n 104987,\n 104988,\n 104992,\n 104995,\n 104998,\n 104999,\n 105001,\n 105006,\n 105007,\n 105008,\n 105011,\n 105012,\n 105016,\n 105027,\n 105030,\n 105041,\n 105048\n );\n script_xref(name:\"MSKB\", value:\"4343885\");\n script_xref(name:\"MSFT\", value:\"MS18-4343885\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n\n script_name(english:\"KB4343885: Windows 10 Version 1703 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343885.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - A remote code execution vulnerability exists in the way\n that the ChakraCore scripting engine handles objects in\n memory. The vulnerability could corrupt memory in such a\n way that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8390)\n\n - A remote code execution vulnerability exists when the\n Windows Shell does not properly validate file paths. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in the context of the current\n user. If the current user is logged on as an\n administrator, an attacker could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with elevated privileges. Users whose accounts\n are configured to have fewer privileges on the system\n could be less impacted than users who operate with\n administrative privileges. (CVE-2018-8414)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows when the Windows kernel fails to\n properly handle parsing of certain symbolic links. An\n attacker who successfully exploited this vulnerability\n could potentially access privileged registry keys and\n thereby elevate permissions. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists when\n Microsoft Windows PDF Library improperly handles objects\n in memory. The vulnerability could corrupt memory in a\n way that enables an attacker to execute arbitrary code\n in the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. If the current\n user is logged on with administrative user rights, an\n attacker could take control of an affected system. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2018-8350)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when\n WebAudio Library improperly handles audio requests. An\n attacker who has successfully exploited this\n vulnerability might be able to read privileged data\n across trust boundaries. In browsing scenarios, an\n attacker could convince a user to visit a malicious site\n and leverage the vulnerability to obtain privileged\n information from the browser process, such as sensitive\n data from other opened tabs. An attacker could also\n inject malicious code into advertising networks used by\n trusted sites or embed malicious code on a compromised,\n but trusted, site. The update addresses the\n vulnerability by correcting how the WebAudio Library\n handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8266, CVE-2018-8381)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8399, CVE-2018-8404)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in\n Microsoft browsers allowing sandbox escape. An attacker\n who successfully exploited the vulnerability could use\n the sandbox escape to elevate privileges on an affected\n system. This vulnerability by itself does not allow\n arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when\n Diagnostics Hub Standard Collector allows file creation\n in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - An elevation of privilege vulnerability exists when the\n DirectX Graphics Kernel (DXGKRNL) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2018-8401, CVE-2018-8405,\n CVE-2018-8406)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8388)\");\n # https://support.microsoft.com/en-us/help/4343885/windows-10-update-kb4343885\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2be0b30b\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4343885 as well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8414\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343885');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\nproductname = get_kb_item_or_exit(\"SMB/ProductName\");\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"15063\",\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343885])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-07T23:26:12", "description": "The remote Windows host is missing security update 4343897.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2018-8400, CVE-2018-8401, CVE-2018-8405, CVE-2018-8406)\n\n - A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8390)\n\n - A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with elevated privileges. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges. (CVE-2018-8414)\n\n - A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8350)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site. The update addresses the vulnerability by correcting how the WebAudio Library handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8266, CVE-2018-8381)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8399, CVE-2018-8404)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8377)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.\n (CVE-2018-8388)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343897: Windows 10 Version 1709 And Windows Server Version 1709 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0952", "CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-8204", "CVE-2018-8266", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8341", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8347", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8350", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8357", "CVE-2018-8360", "CVE-2018-8370", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8377", "CVE-2018-8381", "CVE-2018-8385", "CVE-2018-8388", "CVE-2018-8389", "CVE-2018-8390", "CVE-2018-8394", "CVE-2018-8398", "CVE-2018-8399", "CVE-2018-8400", "CVE-2018-8401", "CVE-2018-8403", "CVE-2018-8404", "CVE-2018-8405", "CVE-2018-8406", "CVE-2018-8414"], "modified": "2022-03-29T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_AUG_4343897.NASL", "href": "https://www.tenable.com/plugins/nessus/111687", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111687);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/29\");\n\n script_cve_id(\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-0952\",\n \"CVE-2018-8200\",\n \"CVE-2018-8204\",\n \"CVE-2018-8266\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8341\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8347\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8350\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8355\",\n \"CVE-2018-8357\",\n \"CVE-2018-8360\",\n \"CVE-2018-8370\",\n \"CVE-2018-8371\",\n \"CVE-2018-8372\",\n \"CVE-2018-8373\",\n \"CVE-2018-8377\",\n \"CVE-2018-8381\",\n \"CVE-2018-8385\",\n \"CVE-2018-8388\",\n \"CVE-2018-8389\",\n \"CVE-2018-8390\",\n \"CVE-2018-8394\",\n \"CVE-2018-8398\",\n \"CVE-2018-8399\",\n \"CVE-2018-8400\",\n \"CVE-2018-8401\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\",\n \"CVE-2018-8405\",\n \"CVE-2018-8406\",\n \"CVE-2018-8414\"\n );\n script_bugtraq_id(\n 104977,\n 104978,\n 104980,\n 104982,\n 104983,\n 104984,\n 104985,\n 104986,\n 104987,\n 104988,\n 104992,\n 104995,\n 104998,\n 104999,\n 105001,\n 105005,\n 105006,\n 105007,\n 105008,\n 105011,\n 105012,\n 105016,\n 105027,\n 105030,\n 105041,\n 105048\n );\n script_xref(name:\"MSKB\", value:\"4343897\");\n script_xref(name:\"MSFT\", value:\"MS18-4343897\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n\n script_name(english:\"KB4343897: Windows 10 Version 1709 And Windows Server Version 1709 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343897.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists when the\n DirectX Graphics Kernel (DXGKRNL) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2018-8400, CVE-2018-8401,\n CVE-2018-8405, CVE-2018-8406)\n\n - A remote code execution vulnerability exists in the way\n that the ChakraCore scripting engine handles objects in\n memory. The vulnerability could corrupt memory in such a\n way that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8390)\n\n - A remote code execution vulnerability exists when the\n Windows Shell does not properly validate file paths. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in the context of the current\n user. If the current user is logged on as an\n administrator, an attacker could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with elevated privileges. Users whose accounts\n are configured to have fewer privileges on the system\n could be less impacted than users who operate with\n administrative privileges. (CVE-2018-8414)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows when the Windows kernel fails to\n properly handle parsing of certain symbolic links. An\n attacker who successfully exploited this vulnerability\n could potentially access privileged registry keys and\n thereby elevate permissions. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists when\n Microsoft Windows PDF Library improperly handles objects\n in memory. The vulnerability could corrupt memory in a\n way that enables an attacker to execute arbitrary code\n in the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. If the current\n user is logged on with administrative user rights, an\n attacker could take control of an affected system. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2018-8350)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when\n WebAudio Library improperly handles audio requests. An\n attacker who has successfully exploited this\n vulnerability might be able to read privileged data\n across trust boundaries. In browsing scenarios, an\n attacker could convince a user to visit a malicious site\n and leverage the vulnerability to obtain privileged\n information from the browser process, such as sensitive\n data from other opened tabs. An attacker could also\n inject malicious code into advertising networks used by\n trusted sites or embed malicious code on a compromised,\n but trusted, site. The update addresses the\n vulnerability by correcting how the WebAudio Library\n handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8266, CVE-2018-8381)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8399, CVE-2018-8404)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in\n Microsoft browsers allowing sandbox escape. An attacker\n who successfully exploited the vulnerability could use\n the sandbox escape to elevate privileges on an affected\n system. This vulnerability by itself does not allow\n arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when\n Diagnostics Hub Standard Collector allows file creation\n in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8377)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8388)\");\n # https://support.microsoft.com/en-us/help/4343897/windows-10-update-kb4343897\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?770b7995\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4343897 as well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8414\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343897');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"16299\",\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343897])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-07T23:25:40", "description": "The remote Windows host is missing security update 4343909.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8344)\n\n - A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8377, CVE-2018-8387)\n\n - An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2018-8400, CVE-2018-8401, CVE-2018-8405, CVE-2018-8406)\n\n - A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8390)\n\n - A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with elevated privileges. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges. (CVE-2018-8414)\n\n - A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.\n (CVE-2018-8383)\n\n - A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8350)\n\n - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site. The update addresses the vulnerability by correcting how the WebAudio Library handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. (CVE-2018-8339)\n\n - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8266, CVE-2018-8380, CVE-2018-8381)\n\n - A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2018-8399, CVE-2018-8404)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying permission to read the state of the object model, to which frames or windows on different domains should not have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373, CVE-2018-8389)\n\n - An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.\n (CVE-2018-8388)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-14T00:00:00", "type": "nessus", "title": "KB4343909: Windows 10 Version 1803 and Windows Server Version 1803 August 2018 Security Update (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0952", "CVE-2018-3615", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-8200", "CVE-2018-8204", "CVE-2018-8266", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8341", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8347", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8350", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8357", "CVE-2018-8360", "CVE-2018-8370", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8377", "CVE-2018-8380", "CVE-2018-8381", "CVE-2018-8383", "CVE-2018-8385", "CVE-2018-8387", "CVE-2018-8388", "CVE-2018-8389", "CVE-2018-8390", "CVE-2018-8394", "CVE-2018-8398", "CVE-2018-8399", "CVE-2018-8400", "CVE-2018-8401", "CVE-2018-8403", "CVE-2018-8404", "CVE-2018-8405", "CVE-2018-8406", "CVE-2018-8414"], "modified": "2022-03-29T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_AUG_4343909.NASL", "href": "https://www.tenable.com/plugins/nessus/111692", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111692);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/29\");\n\n script_cve_id(\n \"CVE-2018-0952\",\n \"CVE-2018-3615\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-8200\",\n \"CVE-2018-8204\",\n \"CVE-2018-8266\",\n \"CVE-2018-8316\",\n \"CVE-2018-8339\",\n \"CVE-2018-8341\",\n \"CVE-2018-8343\",\n \"CVE-2018-8344\",\n \"CVE-2018-8345\",\n \"CVE-2018-8347\",\n \"CVE-2018-8348\",\n \"CVE-2018-8349\",\n \"CVE-2018-8350\",\n \"CVE-2018-8351\",\n \"CVE-2018-8353\",\n \"CVE-2018-8355\",\n \"CVE-2018-8357\",\n \"CVE-2018-8360\",\n \"CVE-2018-8370\",\n \"CVE-2018-8371\",\n \"CVE-2018-8372\",\n \"CVE-2018-8373\",\n \"CVE-2018-8377\",\n \"CVE-2018-8380\",\n \"CVE-2018-8381\",\n \"CVE-2018-8383\",\n \"CVE-2018-8385\",\n \"CVE-2018-8387\",\n \"CVE-2018-8388\",\n \"CVE-2018-8389\",\n \"CVE-2018-8390\",\n \"CVE-2018-8394\",\n \"CVE-2018-8398\",\n \"CVE-2018-8399\",\n \"CVE-2018-8400\",\n \"CVE-2018-8401\",\n \"CVE-2018-8403\",\n \"CVE-2018-8404\",\n \"CVE-2018-8405\",\n \"CVE-2018-8406\",\n \"CVE-2018-8414\"\n );\n script_xref(name:\"MSKB\", value:\"4343909\");\n script_xref(name:\"MSFT\", value:\"MS18-4343909\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n\n script_name(english:\"KB4343909: Windows 10 Version 1803 and Windows Server Version 1803 August 2018 Security Update (Foreshadow)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4343909.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8341, CVE-2018-8348)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited the vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2018-8344)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8377,\n CVE-2018-8387)\n\n - An elevation of privilege vulnerability exists in the\n Network Driver Interface Specification (NDIS) when\n ndis.sys fails to check the length of a buffer prior to\n copying memory to it. (CVE-2018-8343)\n\n - A remote code execution vulnerability exists in\n "Microsoft COM for Windows" when it fails to\n properly handle serialized objects. An attacker who\n successfully exploited the vulnerability could use a\n specially crafted file or script to perform actions. In\n an email attack scenario, an attacker could exploit the\n vulnerability by sending the specially crafted file to\n the user and convincing the user to open the file.\n (CVE-2018-8349)\n\n - An elevation of privilege vulnerability exists when the\n DirectX Graphics Kernel (DXGKRNL) driver improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. (CVE-2018-8400, CVE-2018-8401,\n CVE-2018-8405, CVE-2018-8406)\n\n - A remote code execution vulnerability exists in the way\n that the ChakraCore scripting engine handles objects in\n memory. The vulnerability could corrupt memory in such a\n way that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8390)\n\n - A remote code execution vulnerability exists when the\n Windows Shell does not properly validate file paths. An\n attacker who successfully exploited this vulnerability\n could run arbitrary code in the context of the current\n user. If the current user is logged on as an\n administrator, an attacker could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with elevated privileges. Users whose accounts\n are configured to have fewer privileges on the system\n could be less impacted than users who operate with\n administrative privileges. (CVE-2018-8414)\n\n - A spoofing vulnerability exists when Microsoft Edge does\n not properly parse HTTP content. An attacker who\n successfully exploited this vulnerability could trick a\n user by redirecting the user to a specially crafted\n website. The specially crafted website could either\n spoof content or serve as a pivot to chain an attack\n with other vulnerabilities in web services.\n (CVE-2018-8383)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8200, CVE-2018-8204)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8355, CVE-2018-8372, CVE-2018-8385)\n\n - An elevation of privilege vulnerability exists in\n Microsoft Windows when the Windows kernel fails to\n properly handle parsing of certain symbolic links. An\n attacker who successfully exploited this vulnerability\n could potentially access privileged registry keys and\n thereby elevate permissions. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8347)\n\n - A remote code execution vulnerability exists when\n Microsoft Windows PDF Library improperly handles objects\n in memory. The vulnerability could corrupt memory in a\n way that enables an attacker to execute arbitrary code\n in the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. If the current\n user is logged on with administrative user rights, an\n attacker could take control of an affected system. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2018-8350)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows that could allow remote code execution\n if a .LNK file is processed. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. (CVE-2018-8345)\n\n - A information disclosure vulnerability exists when\n WebAudio Library improperly handles audio requests. An\n attacker who has successfully exploited this\n vulnerability might be able to read privileged data\n across trust boundaries. In browsing scenarios, an\n attacker could convince a user to visit a malicious site\n and leverage the vulnerability to obtain privileged\n information from the browser process, such as sensitive\n data from other opened tabs. An attacker could also\n inject malicious code into advertising networks used by\n trusted sites or embed malicious code on a compromised,\n but trusted, site. The update addresses the\n vulnerability by correcting how the WebAudio Library\n handles audio requests. (CVE-2018-8370)\n\n - An elevation of privilege vulnerability exists in the\n Windows Installer when the Windows Installer fails to\n properly sanitize input leading to an insecure library\n loading behavior. A locally authenticated attacker could\n run arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. The security update addresses the vulnerability\n by correcting the input sanitization error to preclude\n unintended elevation. (CVE-2018-8339)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8266, CVE-2018-8380,\n CVE-2018-8381)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly validates hyperlinks before\n loading executable libraries. An attacker who\n successfully exploited this vulnerability could take\n control of an affected system. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8316)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2018-8399, CVE-2018-8404)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2018-8394, CVE-2018-8398)\n\n - A remote code execution vulnerability exists in the way\n that Microsoft browsers access objects in memory. The\n vulnerability could corrupt memory in a way that could\n allow an attacker to execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8403)\n\n - An information disclosure vulnerability exists when\n affected Microsoft browsers improperly allow cross-frame\n interaction. An attacker who successfully exploited this\n vulnerability could allow an attacker to obtain browser\n frame or window state from a different domain. For an\n attack to be successful, an attacker must persuade a\n user to open a malicious website from a secure website.\n This update addresses the vulnerability by denying\n permission to read the state of the object model, to\n which frames or windows on different domains should not\n have access. (CVE-2018-8351)\n\n - An elevation of privilege vulnerability exists in\n Microsoft browsers allowing sandbox escape. An attacker\n who successfully exploited the vulnerability could use\n the sandbox escape to elevate privileges on an affected\n system. This vulnerability by itself does not allow\n arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. (CVE-2018-8357)\n\n - An Elevation of Privilege vulnerability exists when\n Diagnostics Hub Standard Collector allows file creation\n in arbitrary locations. (CVE-2018-0952)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8353, CVE-2018-8371, CVE-2018-8373,\n CVE-2018-8389)\n\n - An information disclosure vulnerability exists in\n Microsoft .NET Framework that could allow an attacker to\n access information in multi-tenant environments. The\n vulnerability is caused when .NET Framework is used in\n high-load/high-density network connections where content\n from one stream can blend into another stream.\n (CVE-2018-8360)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8388)\");\n # https://support.microsoft.com/en-us/help/4343909/windows-10-update-kb4343909\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3356f605\");\n # https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8902cebb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4343909 as well as refer to the KB article for additional information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8414\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_windows_env_vars.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-08\";\nkbs = make_list('4343909');\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"08_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4343909])\n )\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:33:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8360"], "description": "This host is missing an important security\n update according to Microsoft KB4344152", "modified": "2019-05-20T00:00:00", "published": "2018-08-15T00:00:00", "id": "OPENVAS:1361412562310813766", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813766", "type": "openvas", "title": "Microsoft .NET Framework Information Disclosure Vulnerability (KB4344152)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Information Disclosure Vulnerability (KB4344152)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813766\");\n script_version(\"2019-05-20T11:12:48+0000\");\n script_cve_id(\"CVE-2018-8360\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 11:12:48 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 11:25:10 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft .NET Framework Information Disclosure Vulnerability (KB4344152)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4344152\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists when .NET Framework is used\n in high-load/high-density network connections where content from one stream\n can blend into another stream.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to access information in multi-tenant environments.\");\n\n script_tag(name:\"affected\", value:\".NET Framework 3.5.1 for Windows 7 SP1 and\n Windows Server 2008 R2 SP1\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4344152\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nkey2 = \"SOFTWARE\\Microsoft\\.NETFramework\\AssemblyFolders\\\";\nforeach item (registry_enum_keys(key:key2))\n{\n path = registry_get_sz(key:key2 + item, item:\"All Assemblies In\");\n if(path)\n {\n dllVer = fetch_file_version(sysPath:path, file_name:\"system.identitymodel.dll\");\n if(!dllVer || dllVer !~ \"^3\\.\"){\n continue;\n }\n\n if(version_in_range(version:dllVer, test_version:\"3.0.4506.7082\", test_version2:\"3.0.4506.8799\"))\n {\n report = report_fixed_ver(file_checked:path + \"system.identitymodel.dll\",\n file_version:dllVer, vulnerable_range:\"3.0.4506.7082 - 3.0.4506.8799\");\n security_message(data:report);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-06-08T23:06:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8360"], "description": "This host is missing an important security\n update according to Microsoft KB4344146", "modified": "2020-06-04T00:00:00", "published": "2018-08-15T00:00:00", "id": "OPENVAS:1361412562310813760", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813760", "type": "openvas", "title": "Microsoft .NET Framework Information Disclosure Vulnerability (KB4344146)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Information Disclosure Vulnerability (KB4344146)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813760\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8360\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 09:31:10 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft .NET Framework Information Disclosure Vulnerability (KB4344146)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4344146\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists when .NET Framework is used\n in high-load/high-density network connections where content from one stream\n can blend into another stream.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to access information in multi-tenant environments.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Microsoft Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1 and for .NET Framework 4.6 for Microsoft Windows Server 2008 SP2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4344146\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2008:3, win2008x64:3, win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"mscorlib.dll\");\n if(!dllVer || dllVer !~ \"^4\\.[67]\\.\"){\n continue;\n }\n\n if(version_is_less(version:dllVer, test_version:\"4.7.3133.0\"))\n {\n report = report_fixed_ver(file_checked:dotPath + \"mscorlib.dll\",\n file_version:dllVer, vulnerable_range:\"4.6 - 4.7.3132\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8360"], "description": "This host is missing an important security\n update according to Microsoft KB4344149", "modified": "2019-05-20T00:00:00", "published": "2018-08-15T00:00:00", "id": "OPENVAS:1361412562310813763", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813763", "type": "openvas", "title": "Microsoft .NET Framework Information Disclosure Vulnerability (KB4344149)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Information Disclosure Vulnerability (KB4344149)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813763\");\n script_version(\"2019-05-20T11:12:48+0000\");\n script_cve_id(\"CVE-2018-8360\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 11:12:48 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 10:51:10 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft .NET Framework Information Disclosure Vulnerability (KB4344149)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4344149\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists when .NET Framework is used\n in high-load/high-density network connections where content from one stream\n can blend into another stream.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to access information in multi-tenant environments.\");\n\n script_tag(name:\"affected\", value:\".NET Framework 4.5.2 for Windows 7 SP1,\n Server 2008 R2 SP1, and Server 2008 SP2\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4344149\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2008:3, win2008x64:3, win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"system.dll\");\n if(!dllVer || dllVer !~ \"^4\\.\"){\n continue;\n }\n\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36459\"))\n {\n report = report_fixed_ver(file_checked:dotPath + \"\\system.dll\",\n file_version:dllVer, vulnerable_range: \"4.0.30319.30000 - 4.0.30319.36459\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-06-08T23:06:08", "description": "This host is missing an important security\n update according to Microsoft KB4344147", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4344147)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8202", "CVE-2018-8360"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813759", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813759", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (KB4344147)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813759\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8360\", \"CVE-2018-8202\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 09:11:10 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4344147)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4344147\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists\n\n - When .NET Framework is used in high-load/high-density network connections\n where content from one stream can blend into another stream.\n\n - An error in how .NET Framework activates COM objects.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to access information in multi-tenant environments and elevate their privilege\n level.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.5.2 for Microsoft Windows 8.1 and Microsoft Windows Server 2012 R2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4344147\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n sysdllVer = fetch_file_version(sysPath:dotPath, file_name:\"mscorlib.dll\");\n if(!sysdllVer|| sysdllVer !~ \"^4\\.\"){\n continue;\n }\n\n if(version_in_range(version:sysdllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36459\"))\n {\n report = report_fixed_ver(file_checked:dotPath + \"mscorlib.dll\",\n file_version:sysdllVer, vulnerable_range:\"4.0.30319.30000 - 4.0.30319.36459\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:05", "description": "This host is missing a critical security\n update according to Microsoft KB4343892", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4343892)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8401", "CVE-2018-0952", "CVE-2018-8200", "CVE-2018-8343", "CVE-2018-8406", "CVE-2018-8345", "CVE-2018-8351", "CVE-2018-8403", "CVE-2018-8372", "CVE-2018-8405", "CVE-2018-8339", "CVE-2018-8344", "CVE-2018-8355", "CVE-2018-8394", "CVE-2018-3646", "CVE-2018-8316", "CVE-2018-8373", "CVE-2018-8357", "CVE-2018-8266", "CVE-2018-3620", "CVE-2018-8404", "CVE-2018-3615", "CVE-2018-8348", "CVE-2018-8370", "CVE-2018-8341", "CVE-2018-8204", "CVE-2018-8385", "CVE-2018-8381", "CVE-2018-8371", "CVE-2018-8360", "CVE-2018-8389", "CVE-2018-8398", "CVE-2018-8353", "CVE-2018-8349"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813841", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813841", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4343892)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813841\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-3615\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-0952\",\n \"CVE-2018-8200\", \"CVE-2018-8204\", \"CVE-2018-8266\", \"CVE-2018-8316\",\n \"CVE-2018-8339\", \"CVE-2018-8341\", \"CVE-2018-8343\", \"CVE-2018-8344\",\n \"CVE-2018-8345\", \"CVE-2018-8348\", \"CVE-2018-8349\", \"CVE-2018-8351\",\n \"CVE-2018-8355\", \"CVE-2018-8357\", \"CVE-2018-8360\", \"CVE-2018-8353\",\n \"CVE-2018-8370\", \"CVE-2018-8371\", \"CVE-2018-8372\", \"CVE-2018-8373\",\n \"CVE-2018-8381\", \"CVE-2018-8385\", \"CVE-2018-8389\", \"CVE-2018-8394\",\n \"CVE-2018-8398\", \"CVE-2018-8401\", \"CVE-2018-8403\", \"CVE-2018-8404\",\n \"CVE-2018-8405\", \"CVE-2018-8406\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 12:09:21 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4343892)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4343892\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - A new speculative execution side channel vulnerability known as L1 Terminal\n Fault.\n\n - Diagnostics Hub Standard Collector allows file creation in arbitrary locations.\n\n - Multiple security feature bypass vulnerability exists in Device Guard.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Internet Explorer improperly validates hyperlinks before loading executable\n libraries.\n\n - Windows Installer fails to properly sanitize input leading to an insecure library\n loading behavior.\n\n - Windows kernel and DirectX Graphics Kernel (DXGKRNL) driver improperly handles\n objects in memory.\n\n - NDIS fails to check the length of a buffer prior to copying memory to it.\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - An improper processing for a .LNK file.\n\n - 'Microsoft COM for Windows' fails to properly handle serialized objects.\n\n - Microsoft browsers improperly allow cross-frame interaction.\n\n - Microsoft browsers allowing sandbox escape.\n\n - Microsoft Edge improperly handles redirect requests and specific HTML content.\n\n - Microsoft .NET Framework improperly access information in multi-tenant environments.\n\n - WebAudio Library improperly handles audio requests.\n\n - Windows GDI component improperly discloses the contents of its memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, run processes in an elevated context, obtain\n information to further compromise the user's system, trick a user into believing\n that the user was on a legitimate website, read privileged data across trust\n boundaries and also bypass certain security restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 for 32-bit Systems\n\n - Microsoft Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4343892\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.10240.0\", test_version2:\"11.0.10240.17945\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.10240.0 - 11.0.10240.17945\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T13:29:06", "description": "This host is missing a critical security\n update according to Microsoft KB4343887", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4343887)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8401", "CVE-2018-0952", "CVE-2018-8200", "CVE-2018-8343", "CVE-2018-8406", "CVE-2018-8345", "CVE-2018-8351", "CVE-2018-8358", "CVE-2018-8403", "CVE-2018-8372", "CVE-2018-8388", "CVE-2018-8405", "CVE-2018-8339", "CVE-2018-8344", "CVE-2018-8355", "CVE-2018-8394", "CVE-2018-3646", "CVE-2018-8316", "CVE-2018-8373", "CVE-2018-8357", "CVE-2018-8266", "CVE-2018-3620", "CVE-2018-8404", "CVE-2018-3615", "CVE-2018-8348", "CVE-2018-8370", "CVE-2018-8341", "CVE-2018-8204", "CVE-2018-8347", "CVE-2018-8385", "CVE-2018-8381", "CVE-2018-8253", "CVE-2018-8371", "CVE-2018-8340", "CVE-2018-8360", "CVE-2018-8389", "CVE-2018-8398", "CVE-2018-8353", "CVE-2018-8349"], "modified": "2019-12-20T00:00:00", "id": "OPENVAS:1361412562310813840", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813840", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4343887)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813840\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2018-3615\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-0952\",\n \"CVE-2018-8200\", \"CVE-2018-8204\", \"CVE-2018-8253\", \"CVE-2018-8266\",\n \"CVE-2018-8316\", \"CVE-2018-8339\", \"CVE-2018-8340\", \"CVE-2018-8341\",\n \"CVE-2018-8343\", \"CVE-2018-8344\", \"CVE-2018-8345\", \"CVE-2018-8347\",\n \"CVE-2018-8348\", \"CVE-2018-8349\", \"CVE-2018-8351\", \"CVE-2018-8353\",\n \"CVE-2018-8355\", \"CVE-2018-8357\", \"CVE-2018-8358\", \"CVE-2018-8360\",\n \"CVE-2018-8370\", \"CVE-2018-8371\", \"CVE-2018-8372\", \"CVE-2018-8373\",\n \"CVE-2018-8381\", \"CVE-2018-8385\", \"CVE-2018-8388\", \"CVE-2018-8389\",\n \"CVE-2018-8394\", \"CVE-2018-8398\", \"CVE-2018-8401\", \"CVE-2018-8403\",\n \"CVE-2018-8404\", \"CVE-2018-8405\", \"CVE-2018-8406\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 11:42:20 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4343887)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4343887\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - A new speculative execution side channel vulnerability known as L1 Terminal\n Fault.\n\n - Diagnostics Hub Standard Collector allows file creation in arbitrary locations.\n\n - Multiple security feature bypass vulnerability exists in Device Guard.\n\n - Microsoft Cortana allows arbitrary website browsing on the lockscreen.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Internet Explorer improperly validates hyperlinks before loading executable\n libraries.\n\n - Windows Installer fails to properly sanitize input leading to an insecure library\n loading behavior.\n\n - Active Directory Federation Services (AD FS) improperly handles multi-factor\n authentication requests.\n\n - Windows kernel, DirectX Graphics Kernel (DXGKRNL) driver and Win32k component\n improperly handles objects in memory.\n\n - NDIS fails to check the length of a buffer prior to copying memory to it.\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - An improper processing for a .LNK file.\n\n - Windows kernel fails to properly handle parsing of certain symbolic links.\n\n - 'Microsoft COM for Windows' fails to properly handle serialized objects.\n\n - Microsoft browsers improperly allow cross-frame interaction.\n\n - Microsoft browsers allowing sandbox escape.\n\n - Microsoft .NET Framework improperly access information in multi-tenant environments.\n\n - WebAudio Library improperly handles audio requests.\n\n - Windows GDI component improperly discloses the contents of its memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, run processes in an elevated context, obtain\n information to further compromise the user's system, trick a user into believing\n that the user was on a legitimate website, read privileged data across trust\n boundaries and also bypass certain security restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1607 x32/x64\n\n - Microsoft Windows Server 2016\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4343887\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.14393.0\", test_version2:\"11.0.14393.2429\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.14393.0 - 11.0.14393.2429\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:05:59", "description": "This host is missing a critical security\n update according to Microsoft KB4343885", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4343885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8401", "CVE-2018-0952", "CVE-2018-8200", "CVE-2018-8343", "CVE-2018-8406", "CVE-2018-8345", "CVE-2018-8351", "CVE-2018-8403", "CVE-2018-8372", "CVE-2018-8388", "CVE-2018-8405", "CVE-2018-8339", "CVE-2018-8344", "CVE-2018-8355", "CVE-2018-8350", "CVE-2018-8394", "CVE-2018-3646", "CVE-2018-8316", "CVE-2018-8373", "CVE-2018-8357", "CVE-2018-8390", "CVE-2018-8266", "CVE-2018-3620", "CVE-2018-8404", "CVE-2018-8399", "CVE-2018-3615", "CVE-2018-8348", "CVE-2018-8370", "CVE-2018-8341", "CVE-2018-8204", "CVE-2018-8414", "CVE-2018-8347", "CVE-2018-8385", "CVE-2018-8381", "CVE-2018-8371", "CVE-2018-8360", "CVE-2018-8389", "CVE-2018-8398", "CVE-2018-8353", "CVE-2018-8349"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813844", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813844", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4343885)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813844\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-3615\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-0952\",\n \"CVE-2018-8200\", \"CVE-2018-8204\", \"CVE-2018-8266\", \"CVE-2018-8316\",\n \"CVE-2018-8339\", \"CVE-2018-8341\", \"CVE-2018-8343\", \"CVE-2018-8344\",\n \"CVE-2018-8345\", \"CVE-2018-8347\", \"CVE-2018-8348\", \"CVE-2018-8349\",\n \"CVE-2018-8350\", \"CVE-2018-8351\", \"CVE-2018-8353\", \"CVE-2018-8355\",\n \"CVE-2018-8357\", \"CVE-2018-8360\", \"CVE-2018-8370\", \"CVE-2018-8371\",\n \"CVE-2018-8372\", \"CVE-2018-8373\", \"CVE-2018-8381\", \"CVE-2018-8385\",\n \"CVE-2018-8388\", \"CVE-2018-8389\", \"CVE-2018-8390\", \"CVE-2018-8394\",\n \"CVE-2018-8398\", \"CVE-2018-8399\", \"CVE-2018-8401\", \"CVE-2018-8403\",\n \"CVE-2018-8404\", \"CVE-2018-8405\", \"CVE-2018-8406\", \"CVE-2018-8414\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 13:17:43 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4343885)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4343885\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - A new speculative execution side channel vulnerability known as L1 Terminal\n Fault.\n\n - Diagnostics Hub Standard Collector allows file creation in arbitrary locations.\n\n - Multiple security feature bypass vulnerability exists in Device Guard.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Internet Explorer improperly validates hyperlinks before loading executable\n libraries.\n\n - Windows Installer fails to properly sanitize input leading to an insecure library\n loading behavior.\n\n - Windows kernel and DirectX Graphics Kernel (DXGKRNL) driver improperly handles\n objects in memory.\n\n - NDIS fails to check the length of a buffer prior to copying memory to it.\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - An improper processing for a .LNK file.\n\n - 'Microsoft COM for Windows' fails to properly handle serialized objects.\n\n - Microsoft browsers improperly allow cross-frame interaction.\n\n - Microsoft browsers allowing sandbox escape.\n\n - Microsoft Edge improperly handles redirect requests and specific HTML content.\n\n - Microsoft .NET Framework improperly access information in multi-tenant environments.\n\n - WebAudio Library improperly handles audio requests.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows PDF Library improperly handles objects in memory.\n\n - Windows Shell does not properly validate file paths.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, run processes in an elevated context, obtain\n information to further compromise the user's system, trick a user into believing\n that the user was on a legitimate website, read privileged data across trust\n boundaries and also bypass certain security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4343885\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1265\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1265\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:01", "description": "This host is missing a critical security\n update according to Microsoft KB4343897", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4343897)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8401", "CVE-2018-0952", "CVE-2018-8200", "CVE-2018-8343", "CVE-2018-8406", "CVE-2018-8345", "CVE-2018-8351", "CVE-2018-8377", "CVE-2018-8403", "CVE-2018-8372", "CVE-2018-8388", "CVE-2018-8405", "CVE-2018-8339", "CVE-2018-8344", "CVE-2018-8400", "CVE-2018-8355", "CVE-2018-8350", "CVE-2018-8394", "CVE-2018-3646", "CVE-2018-8316", "CVE-2018-8373", "CVE-2018-8357", "CVE-2018-8390", "CVE-2018-8266", "CVE-2018-3620", "CVE-2018-8404", "CVE-2018-8399", "CVE-2018-3615", "CVE-2018-8348", "CVE-2018-8370", "CVE-2018-8341", "CVE-2018-8204", "CVE-2018-8414", "CVE-2018-8347", "CVE-2018-8385", "CVE-2018-8381", "CVE-2018-8371", "CVE-2018-8340", "CVE-2018-8360", "CVE-2018-8389", "CVE-2018-8398", "CVE-2018-8353", "CVE-2018-8349"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813842", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4343897)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813842\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-3615\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-0952\",\n \"CVE-2018-8200\", \"CVE-2018-8204\", \"CVE-2018-8266\", \"CVE-2018-8350\",\n \"CVE-2018-8316\", \"CVE-2018-8339\", \"CVE-2018-8340\", \"CVE-2018-8341\",\n \"CVE-2018-8343\", \"CVE-2018-8344\", \"CVE-2018-8345\", \"CVE-2018-8347\",\n \"CVE-2018-8348\", \"CVE-2018-8349\", \"CVE-2018-8351\", \"CVE-2018-8353\",\n \"CVE-2018-8355\", \"CVE-2018-8357\", \"CVE-2018-8377\", \"CVE-2018-8360\",\n \"CVE-2018-8370\", \"CVE-2018-8371\", \"CVE-2018-8372\", \"CVE-2018-8373\",\n \"CVE-2018-8381\", \"CVE-2018-8385\", \"CVE-2018-8390\", \"CVE-2018-8389\",\n \"CVE-2018-8394\", \"CVE-2018-8398\", \"CVE-2018-8401\", \"CVE-2018-8403\",\n \"CVE-2018-8399\", \"CVE-2018-8400\", \"CVE-2018-8404\", \"CVE-2018-8405\",\n \"CVE-2018-8406\", \"CVE-2018-8414\", \"CVE-2018-8388\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 12:31:47 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4343897)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4343897\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - A new speculative execution side channel vulnerability known as L1 Terminal\n Fault.\n\n - Diagnostics Hub Standard Collector allows file creation in arbitrary locations.\n\n - Multiple security feature bypass vulnerability exists in Device Guard.\n\n - Microsoft Windows PDF Library improperly handles objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Internet Explorer improperly validates hyperlinks before loading executable\n libraries.\n\n - Windows Installer fails to properly sanitize input leading to an insecure library\n loading behavior.\n\n - Active Directory Federation Services (AD FS) improperly handles multi-factor\n authentication requests.\n\n - Windows kernel, DirectX Graphics Kernel (DXGKRNL) driver and Win32k component\n improperly handles objects in memory.\n\n - NDIS fails to check the length of a buffer prior to copying memory to it.\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - An improper processing for a .LNK file.\n\n - Windows kernel fails to properly handle parsing of certain symbolic links.\n\n - 'Microsoft COM for Windows' fails to properly handle serialized objects.\n\n - Microsoft browsers improperly allow cross-frame interaction.\n\n - Microsoft browsers allowing sandbox escape.\n\n - Microsoft Edge improperly handles redirect requests and specific HTML content.\n\n - Microsoft .NET Framework improperly access information in multi-tenant environments.\n\n - WebAudio Library improperly handles audio requests.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Microsoft Edge improperly accesses objects in memory.\n\n - Windows Shell does not properly validate file paths.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, run processes in an elevated context, obtain\n information to further compromise the user's system, trick a user into believing\n that the user was on a legitimate website, read privileged data across trust\n boundaries and also bypass certain security restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4343897\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.610\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.610\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:03", "description": "This host is missing a critical security\n update according to Microsoft KB4343909", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4343909)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8401", "CVE-2018-0952", "CVE-2018-8200", "CVE-2018-8343", "CVE-2018-8406", "CVE-2018-8345", "CVE-2018-8351", "CVE-2018-8377", "CVE-2018-8403", "CVE-2018-8372", "CVE-2018-8388", "CVE-2018-8405", "CVE-2018-8339", "CVE-2018-8387", "CVE-2018-8344", "CVE-2018-8400", "CVE-2018-8355", "CVE-2018-8350", "CVE-2018-8394", "CVE-2018-3646", "CVE-2018-8316", "CVE-2018-8373", "CVE-2018-8357", "CVE-2018-8383", "CVE-2018-8390", "CVE-2018-8266", "CVE-2018-3620", "CVE-2018-8404", "CVE-2018-8399", "CVE-2018-8380", "CVE-2018-3615", "CVE-2018-8348", "CVE-2018-8370", "CVE-2018-8341", "CVE-2018-8204", "CVE-2018-8414", "CVE-2018-8347", "CVE-2018-8385", "CVE-2018-8381", "CVE-2018-8371", "CVE-2018-8340", "CVE-2018-8360", "CVE-2018-8389", "CVE-2018-8398", "CVE-2018-8353", "CVE-2018-8349"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310813843", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813843", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4343909)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813843\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-3615\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-0952\",\n \"CVE-2018-8200\", \"CVE-2018-8204\", \"CVE-2018-8266\", \"CVE-2018-8316\",\n \"CVE-2018-8339\", \"CVE-2018-8340\", \"CVE-2018-8341\", \"CVE-2018-8343\",\n \"CVE-2018-8344\", \"CVE-2018-8345\", \"CVE-2018-8347\", \"CVE-2018-8348\",\n \"CVE-2018-8349\", \"CVE-2018-8350\", \"CVE-2018-8351\", \"CVE-2018-8353\",\n \"CVE-2018-8355\", \"CVE-2018-8357\", \"CVE-2018-8360\", \"CVE-2018-8370\",\n \"CVE-2018-8371\", \"CVE-2018-8372\", \"CVE-2018-8373\", \"CVE-2018-8377\",\n \"CVE-2018-8380\", \"CVE-2018-8381\", \"CVE-2018-8383\", \"CVE-2018-8385\",\n \"CVE-2018-8387\", \"CVE-2018-8388\", \"CVE-2018-8389\", \"CVE-2018-8390\",\n \"CVE-2018-8394\", \"CVE-2018-8398\", \"CVE-2018-8399\", \"CVE-2018-8400\",\n \"CVE-2018-8401\", \"CVE-2018-8403\", \"CVE-2018-8404\", \"CVE-2018-8405\",\n \"CVE-2018-8406\", \"CVE-2018-8414\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 13:05:04 +0530 (Wed, 15 Aug 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4343909)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4343909\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaw exists due to,\n\n - A new speculative execution side channel vulnerability known as L1 Terminal\n Fault.\n\n - Diagnostics Hub Standard Collector allows file creation in arbitrary locations.\n\n - Multiple security feature bypass vulnerability exists in Device Guard.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Internet Explorer improperly validates hyperlinks before loading executable libraries.\n\n - Windows Installer fails to properly sanitize input leading to an insecure library\n loading behavior.\n\n - Windows kernel and DirectX Graphics Kernel (DXGKRNL) driver improperly handles\n objects in memory.\n\n - NDIS fails to check the length of a buffer prior to copying memory to it.\n\n - Windows font library improperly handles specially crafted embedded fonts.\n\n - An improper processing for a .LNK file.\n\n - 'Microsoft COM for Windows' fails to properly handle serialized objects.\n\n - Microsoft browsers improperly allow cross-frame interaction.\n\n - Microsoft browsers allowing sandbox escape.\n\n - Microsoft Edge improperly handles redirect requests and specific HTML content.\n\n - Microsoft .NET Framework improperly access information in multi-tenant environments.\n\n - WebAudio Library improperly handles audio requests.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows PDF Library improperly handles objects in memory.\n\n - Microsoft Edge does not properly parse HTTP content.\n\n - Windows Shell does not properly validate file paths.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, run processes in an elevated context, obtain\n information to further compromise the user's system, trick a user into believing\n that the user was on a legitimate website, read privileged data across trust\n boundaries and also bypass certain security restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1803 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4343909\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.227\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.227\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2022-01-19T14:59:19", "description": "### *Detect date*:\n08/14/2018\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information.\n\n### *Affected products*:\nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 for x64-based Systems \nWindows 10 for 32-bit Systems \nWindows Server 2016 \nWindows 10 Version 1703 for x64-based Systems \nWindows 10 Version 1703 for 32-bit Systems \nWindows 10 Version 1709 for 32-bit Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows 10 Version 1803 for x64-based Systems \nMicrosoft Visual Studio 2015 Update 3 \nMicrosoft Visual Studio 2017 \nMicrosoft .NET Framework 3.5.1 \nMicrosoft .NET Framework 3.5 \nMicrosoft .NET Framework 4.5.2 \nMicrosoft .NET Framework 3.0 Service Pack 2 \nMicrosoft .NET Framework 2.0 Service Pack 2 \nMicrosoft .NET Framework 4.7.2 \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2 \nMicrosoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 4.7.1/4.7.2 \nWindows 10 Version 1709 for x64-based Systems \nWindows Server, version 1803 (Server Core Installation) \nWindows Server 2016 (Server Core installation) \nWindows Server, version 1709 (Server Core Installation) \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2018-0952](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0952>) \n[CVE-2018-8360](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8360>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2018-0952](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0952>)7.2High \n[CVE-2018-8360](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8360>)5.0Critical\n\n### *KB list*:\n[4344151](<http://support.microsoft.com/kb/4344151>) \n[4344146](<http://support.microsoft.com/kb/4344146>) \n[4343909](<http://support.microsoft.com/kb/4343909>) \n[4344166](<http://support.microsoft.com/kb/4344166>) \n[4344177](<http://support.microsoft.com/kb/4344177>) \n[4344178](<http://support.microsoft.com/kb/4344178>) \n[4344147](<http://support.microsoft.com/kb/4344147>) \n[4344148](<http://support.microsoft.com/kb/4344148>) \n[4343885](<http://support.microsoft.com/kb/4343885>) \n[4344172](<http://support.microsoft.com/kb/4344172>) \n[4344144](<http://support.microsoft.com/kb/4344144>) \n[4343887](<http://support.microsoft.com/kb/4343887>) \n[4344149](<http://support.microsoft.com/kb/4344149>) \n[4344175](<http://support.microsoft.com/kb/4344175>) \n[4344165](<http://support.microsoft.com/kb/4344165>) \n[4344167](<http://support.microsoft.com/kb/4344167>) \n[4343892](<http://support.microsoft.com/kb/4343892>) \n[4344153](<http://support.microsoft.com/kb/4344153>) \n[4344150](<http://support.microsoft.com/kb/4344150>) \n[4344152](<http://support.microsoft.com/kb/4344152>) \n[4344176](<http://support.microsoft.com/kb/4344176>) \n[4344171](<http://support.microsoft.com/kb/4344171>) \n[4344173](<http://support.microsoft.com/kb/4344173>) \n[4344145](<http://support.microsoft.com/kb/4344145>) \n[4343897](<http://support.microsoft.com/kb/4343897>) \n[4469516](<http://support.microsoft.com/kb/4469516>)\n\n### *Microsoft official advisories*:\n\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-14T00:00:00", "type": "kaspersky", "title": "KLA11305 Multiple vulnerabilities in Microsoft Developer Tools", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0952", "CVE-2018-8360"], "modified": "2022-01-18T00:00:00", "id": "KLA11305", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11305/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "talosblog": [{"lastseen": "2018-09-08T09:19:42", "description": "Microsoft released its monthly set of security advisories today for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 62 new vulnerabilities, 20 of which are rated \u201ccritical,\u201d 38 that are rated \u201cimportant,\u201d one that is rated moderate and one that is rated as low severity. These vulnerabilities impact Windows Operating System, Edge and Internet Explorer, along with several other products.\n\n \n\n\nIn addition to the 60 vulnerabilities referenced above, Microsoft has also released a critical update advisory, ADV180020 which addresses the vulnerabilities described in the Adobe Flash Security Bulletin APSB18-25.\n\n \n\n\n### Critical Vulnerabilities\n\n \n\n\nThis month, Microsoft is addressing 20 vulnerabilities that are rated \"critical.\" Talos believes 10 of these are notable and require prompt attention.\n\n \n\n\n[CVE-2018-8273](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273>) is a remote code execution vulnerability in the Microsoft SQL Server that could allow an attacker who successfully exploits the vulnerability to execute code in the context of the SQL Server Database Engine Service account.\n\n \n\n\n[CVE-2018-8302](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8302>) is a remote code execution vulnerability in the Microsoft Exchange email and calendar software that could allow an attacker who successfully exploits the vulnerability to run arbitrary code in the context of the system user when the software fails to properly handle objects in memory.\n\n \n\n\n[CVE-2018-8344](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8344>) is a remote code execution vulnerability that exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system. This vulnerability can be exploited in multiple ways. By leveraging a web-based attack, an attacker can convince a user to visit a web page that has been specially crafted to exploit this vulnerability. This could be in the form of an attacker-controlled webpage, or simply a page that hosts external content, such as advertisements. An attacker can also provide a specially crafted document that is designed to exploit the vulnerability, and then convince users to open the document file.\n\n \n\n\n[CVE-2018-8350](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8350>) is a remote code execution vulnerability that exists when the Microsoft Windows PDF Library improperly handles objects in memory. An attacker who successfully exploits the vulnerability could gain the same user rights as the current user. The vulnerability can be exploited simply by viewing a website that hosts a malicious PDF file on a Windows 10 system with Microsoft Edge set as the default browser. On other affected systems, that do not render PDF content automatically, an attacker would have to convince users to open a specially crafted PDF document, such as a PDF attachment to an email message.\n\n \n\n\n[CVE-2018-8266](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266>), [CVE-2018-8355](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355>), [CVE-2018-8380](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380>), [CVE-2018-8381](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381>) and [CVE-2018-8384](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384>) are remote code execution vulnerabilities that exist in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. An attacker who successfully exploits the vulnerability can potentially gain the same user rights as the current user. This vulnerability could be leveraged in web-based attacks where a user is convinced to visit a web page that has been specially crafted to exploit this vulnerability. This could be in the form of an attacker-controlled webpage, or simply a page that hosts external content, such as advertisements.\n\n \n\n\n[CVE-2018-8397](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8397>) is a remote code execution vulnerability that exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system. This vulnerability can be exploited in multiple ways. By leveraging a web-based attack, an attacker can convince a user to visit a webpage that has been specially crafted to exploit this vulnerability. This could be in the form of an attacker-controlled webpage, or simply a page that hosts external content, such as advertisements. An attacker can also provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file.\n\nOther vulnerabilities deemed \"critical\" are listed below:\n\n \n\n\n[CVE-2018-8345](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8345>) LNK Remote Code Execution Vulnerability\n\n[CVE-2018-8359](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8371](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8371>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8372](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8373](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8373>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8377](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8377>) Microsoft Edge Memory Corruption Vulnerability\n\n[CVE-2018-8385](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8387](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8387>) Microsoft Edge Memory Corruption Vulnerability\n\n[CVE-2018-8390](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8403](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8403>) Microsoft Browser Memory Corruption Vulnerability\n\n### Important Vulnerabilities\n\n \n\n\nThis month, Microsoft is addressing 38 vulnerabilities that are rated \"important.\" Talos believes two of these are notable and require prompt attention.\n\n \n\n\n[CVE-2018-8200](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200>) is a vulnerability that exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploits this vulnerability can potentially inject code into a trusted PowerShell process to bypass the Device Guard code integrity policy on the local machine. To exploit the vulnerability, an attacker would first have to access the local machine and then inject malicious code into a script that is trusted by the policy. The injected code would then run with the same trust level as the script and bypass the policy.\n\n \n\n\n[CVE-2018-8340](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8340>) is a vulnerability in the Windows Authentication Methods, and enables an Active Directory Federation Services (AD FS) Security Bypass vulnerability. An attacker who successfully exploits this vulnerability could bypass some, but not all, of the authentication factors.\n\n \n\n\nOther vulnerabilities deemed \"important\" are listed below:\n\n \n\n\n[CVE-2018-0952](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0952>) Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability\n\n[CVE-2018-8204](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8204>) Device Guard Code Integrity Policy Security Feature Bypass Vulnerability\n\n[CVE-2018-8253](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8253>) Cortana Elevation of Privilege Vulnerability\n\n[CVE-2018-8316](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8316>) Internet Explorer Remote Code Execution Vulnerability\n\n[CVE-2018-8339](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8339>) Windows Installer Elevation of Privilege Vulnerability\n\n[CVE-2018-8341](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8341>) Windows Kernel Information Disclosure Vulnerability\n\n[CVE-2018-8342](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8342>) Windows NDIS Elevation of Privilege Vulnerability\n\n[CVE-2018-8343](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8343>) Windows NDIS Elevation of Privilege Vulnerability\n\n[CVE-2018-8346](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8346>) LNK Remote Code Execution Vulnerability\n\n[CVE-2018-8347](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8347>) Windows Kernel Elevation of Privilege Vulnerability\n\n[CVE-2018-8348](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8348>) Windows Kernel Information Disclosure Vulnerability\n\n[CVE-2018-8349](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349>) Microsoft COM for Windows Remote Code Execution Vulnerability\n\n[CVE-2018-8351](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8351>) Microsoft Edge Information Disclosure Vulnerability\n\n[CVE-2018-8353](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8353>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8357](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8357>) Microsoft Browser Elevation of Privilege Vulnerability\n\n[CVE-2018-8358](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8358>) Microsoft Browser Security Feature Bypass Vulnerability\n\n[CVE-2018-8360](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8360>) .NET Framework Information Disclosure Vulnerability\n\n[CVE-2018-8370](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8370>) Microsoft Edge Information Disclosure Vulnerability\n\n[CVE-2018-8375](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375>) Microsoft Excel Remote Code Execution Vulnerability\n\n[CVE-2018-8376](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8376>) Microsoft PowerPoint Remote Code Execution Vulnerability\n\n[CVE-2018-8378](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378>) Microsoft Office Information Disclosure Vulnerability\n\n[CVE-2018-8379](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8379>) Microsoft Excel Remote Code Execution Vulnerability\n\n[CVE-2018-8382](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382>) Microsoft Excel Information Disclosure Vulnerability\n\n[CVE-2018-8383](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8383>) Microsoft Edge Spoofing Vulnerability\n\n[CVE-2018-8389](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8389>) Scripting Engine Memory Corruption Vulnerability\n\n[CVE-2018-8394](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8394>) Windows GDI Information Disclosure Vulnerability\n\n[CVE-2018-8396](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8396>) Windows GDI Information Disclosure Vulnerability\n\n[CVE-2018-8398](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8398>) Windows GDI Information Disclosure Vulnerability\n\n[CVE-2018-8399](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8399>) Win32k Elevation of Privilege Vulnerability\n\n[CVE-2018-8400](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8400>) DirectX Graphics Kernel Elevation of Privilege Vulnerability\n\n[CVE-2018-8401](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8401>) DirectX Graphics Kernel Elevation of Privilege Vulnerability\n\n[CVE-2018-8404](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8404>) Win32k Elevation of Privilege Vulnerability\n\n[CVE-2018-8405](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8405>) DirectX Graphics Kernel Elevation of Privilege Vulnerability\n\n[CVE-2018-8406](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8406>) DirectX Graphics Kernel Elevation of Privilege Vulnerability\n\n[CVE-2018-8412](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8412>) Microsoft (MAU) Office Elevation of Privilege Vulnerability\n\n[CVE-2018-8414](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414>) Windows Shell Remote Code Execution Vulnerability\n\n### Coverage\n\n \n\n\nIn response to these vulnerability disclosures, Talos is releasing the following Snort rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org.\n\n \n\n\nSnort Rules:\n\n \n\n\n45877-45878, 46548-46549, 46999-47002, 47474-47493, 47495-47496, 47503-47504, 47512-47513, 47515-47520\n\n \n![](http://feeds.feedburner.com/~r/feedburner/Talos/~4/8ZjMNLg4_Bs)", "cvss3": {}, "published": "2018-08-14T11:26:00", "type": "talosblog", "title": "Microsoft Tuesday August 2018", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2018-0952", "CVE-2018-8200", "CVE-2018-8204", "CVE-2018-8253", "CVE-2018-8266", "CVE-2018-8273", "CVE-2018-8302", "CVE-2018-8316", "CVE-2018-8339", "CVE-2018-8340", "CVE-2018-8341", "CVE-2018-8342", "CVE-2018-8343", "CVE-2018-8344", "CVE-2018-8345", "CVE-2018-8346", "CVE-2018-8347", "CVE-2018-8348", "CVE-2018-8349", "CVE-2018-8350", "CVE-2018-8351", "CVE-2018-8353", "CVE-2018-8355", "CVE-2018-8357", "CVE-2018-8358", "CVE-2018-8359", "CVE-2018-8360", "CVE-2018-8370", "CVE-2018-8371", "CVE-2018-8372", "CVE-2018-8373", "CVE-2018-8375", "CVE-2018-8376", "CVE-2018-8377", "CVE-2018-8378", "CVE-2018-8379", "CVE-2018-8380", "CVE-2018-8381", "CVE-2018-8382", "CVE-2018-8383", "CVE-2018-8384", "CVE-2018-8385", "CVE-2018-8387", "CVE-2018-8389", "CVE-2018-8390", "CVE-2018-8394", "CVE-2018-8396", "CVE-2018-8397", "CVE-2018-8398", "CVE-2018-8399", "CVE-2018-8400", "CVE-2018-8401", "CVE-2018-8403", "CVE-2018-8404", "CVE-2018-8405", "CVE-2018-8406", "CVE-2018-8412", "CVE-2018-8414"], "modified": "2018-08-14T18:26:00", "id": "TALOSBLOG:A9E55A97439608C62C1BF62669B8074A", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/8ZjMNLg4_Bs/ms-tuesday.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}