MS11-044: Vulnerability in the .NET Framework could allow remote code execution: June 14, 2011

Article translations Article translations
Article ID: 2538814 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

Microsoft has released security bulletin MS11-044. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information about this security update

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.
  • 2518870 MS11-044: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: June 14, 2011

    The following are the known issues in security update 2518870. For more information about these known issues, see security update 2518870.
    • Every English (United States) update for the Microsoft .NET Framework 2.0 SP2 shows only the Microsoft Knowledge Base ID in the Add or Remove Programs window.
    • An update for the Microsoft .NET Framework version 4 may not install.
    • When you install an update for the .NET Framework, the installation process may fail and roll back. After the rollback is complete, some .NET Framework files in the global assembly cache (GAC) are deleted. Therefore, some .NET Framework applications may not run or may run incorrectly.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.
  • 2518869 MS11-044: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and on Windows Server 2008 R2 Service Pack 1: June 14, 2011

    The following is the only known issue in security update 2518869. For more information about this known issue, see security update 2518869.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.
  • 2518867 MS11-044: Description of the security update for the .NET Framework 3.5.1 on Windows 7 and on Windows Server 2008 R2: June 14, 2011

    The following is the only known issue in security update 2518867. For more information about this known issue, see security update 2518867.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.
  • 2518863 MS11-044: Description of the security update for the .NET Framework 3.5 Service Pack 1 on Windows Vista Service Pack 1 and on Windows Server 2008: June 14, 2011

    The following is the only known issue in security update 2518863. For more information about this known issue, see security update 2518863.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.
  • 2518864 MS11-044: Description of the security update for the .NET Framework 3.5 Service Pack 1 and .NET Framework 2.0 Service Pack 2 on Windows XP Service Pack 3 and on Windows Server 2003 Service Pack 2: June 14, 2011

    The following are the known issues in security update 2518864. For more information about these known issues, see security update 2518864.
    • When you try to install an update for the Microsoft .NET Framework 1.0, for the Microsoft .NET Framework 1.1, for the Microsoft .NET Framework 2.0, for the Microsoft .NET Framework 3.0, or for the Microsoft .NET Framework 3.5, you may receive a Microsoft Windows Update error code or a Microsoft Windows Installer error code.
    • You receive an "Error 1324. The folder 'Program Files' contains an invalid character" error message when you try to install a security update for the .NET Framework 2.0 on a computer that is running Windows Server 2003 x64 Edition.
    • Every English (United States) update for the Microsoft .NET Framework 2.0 SP2 shows only the Microsoft Knowledge Base ID in the Add or Remove Programs window.
    • When you install an update to the .NET Framework, the installation process may fail and roll back. After the rollback is complete, some .NET Framework files in the global assembly cache (GAC) are deleted. Therefore, some .NET Framework applications may not run or may run incorrectly.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.
  • 2530095 MS11-044: Description of the security update for the .NET Framework 3.5 on Windows XP Service Pack 3 and on Windows Server 2003 Service Pack 2: June 14, 2011

    The following are the known issues in security update 2530095. For more information about these known issues, see security update 2530095.
    • When you try to install an update for the Microsoft .NET Framework 1.0, for the Microsoft .NET Framework 1.1, for the Microsoft .NET Framework 2.0, for the Microsoft .NET Framework 3.0, or for the Microsoft .NET Framework 3.5, you may receive a Microsoft Windows Update error code or a Microsoft Windows Installer error code.
    • You receive an "Error 1324. The folder 'Program Files' contains an invalid character" error message when you try to install a security update for the .NET Framework 2.0 on a computer that is running Windows Server 2003 x64 Edition.
    • All security updates for .NET Framework 2.0 SP1 or for the .NET Framework 3.5 show "Update" or "Hotfix" instead of "Security Update" during the installation and in Add or Remove Programs after installation.
    • When you install an update to the .NET Framework, the installation process may fail and roll back. After the rollback is complete, some .NET Framework files in the global assembly cache (GAC) are deleted. Therefore, some .NET Framework applications may not run or may run incorrectly.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.
  • 2518865 MS11-044: Description of the security update for the .NET Framework 3.5 on Windows Vista Service Pack 1 and on Windows Server 2008: June 14, 2011

    The following is the only known issue in security update 2518865. For more information about this known issue, see security update 2518865.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.
  • 2518866 MS11-044: Description of the security update for the .NET Framework 3.5 Service Pack 1, Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: June 14, 2011

    The following is the only known issue in security update 2518866. For more information about this known issue, see security update 2518866.
    • If an assembly file in the GAC (Global Access Cache) is locked or is "in use," it can cause .NET Framework updates to fail.

Security update replacement information

This security update does not replace any earlier released security update.

Properties

Article ID: 2538814 - Last Review: May 8, 2012 - Revision: 3.0
APPLIES TO
  • Microsoft .NET Framework 4
  • Windows 7 Service Pack 1, when used with:
    • Windows 7 Enterprise
    • Windows 7 Home Basic
    • Windows 7 Home Premium
    • Windows 7 Professional
    • Windows 7 Ultimate
  • Windows 7 Enterprise
  • Windows 7 Home Basic
  • Windows 7 Home Premium
  • Windows 7 Professional
  • Windows 7 Ultimate
  • Windows Server 2008 R2 Service Pack 1, when used with:
    • Windows Server 2008 R2 Datacenter
    • Windows Server 2008 R2 Enterprise
    • Windows Server 2008 R2 Standard
  • Windows Server 2008 R2 Datacenter
  • Windows Server 2008 R2 Enterprise
  • Windows Server 2008 R2 Standard
  • Windows Server 2008 Service Pack 2, when used with:
    • Windows Server 2008 Datacenter
    • Windows Server 2008 Enterprise
    • Windows Server 2008 for Itanium-Based Systems
    • Windows Server 2008 Standard
    • Windows Web Server 2008
    • Windows Server 2008 Foundation
  • Windows Web Server 2008
  • Windows Vista Service Pack 2, when used with:
    • Windows Vista Business
    • Windows Vista Enterprise
    • Windows Vista Home Basic
    • Windows Vista Home Premium
    • Windows Vista Starter
    • Windows Vista Ultimate
    • Windows Vista Business 64-bit Edition
    • Windows Vista Enterprise 64-bit Edition
    • Windows Vista Home Basic 64-bit Edition
    • Windows Vista Home Premium 64-bit Edition
    • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Service Pack 1, when used with:
    • Windows Vista Business
    • Windows Vista Enterprise
    • Windows Vista Home Basic
    • Windows Vista Home Premium
    • Windows Vista Starter
    • Windows Vista Ultimate
    • Windows Vista Business 64-bit Edition
    • Windows Vista Enterprise 64-bit Edition
    • Windows Vista Home Basic 64-bit Edition
    • Windows Vista Home Premium 64-bit Edition
    • Windows Vista Ultimate 64-bit Edition
  • Microsoft Windows Server 2003 Service Pack 2, when used with:
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Datacenter x64 Edition
    • Microsoft Windows Server 2003, Enterprise x64 Edition
    • Microsoft Windows Server 2003, Standard x64 Edition
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    • Microsoft Windows XP Professional x64 Edition
  • Windows Server 2008 Datacenter
  • Windows Server 2008 Enterprise
  • Windows Server 2008 for Itanium-Based Systems
  • Windows Server 2008 Foundation
  • Windows Server 2008 Standard
  • Microsoft .NET Framework 3.5
  • Microsoft Windows XP Service Pack 3, when used with:
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional
  • Microsoft .NET Framework 2.0 Service Pack 2
  • Microsoft .NET Framework 2.0 Service Pack 2, when used with:
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional
  • Microsoft .NET Framework 3.5 Service Pack 1
Keywords: 
kbsecvulnerability kbsecurity kbsecbulletin kbfix kbexpertiseinter kbbug atdownload KB2538814

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com