MS13-054: Description of the security update for Windows DirectWrite: July 9, 2013

Article translations Article translations
Article ID: 2835361
Expand all | Collapse all

On This Page

Introduction

This update resolves a vulnerability that could allow remote code execution on a client system if a user opens a specially crafted document or visits a specially crafted webpage that embeds TrueType font files.

Summary

Microsoft has released security bulletin MS13-054. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information about this security update

Download information

This update is available for download from the Microsoft Download Center:
Windows Vista Service Pack 2 (32-bit)

Windows Vista Service Pack 2 (64-bit)

Windows Server 2008 Service Pack 2 (32-bit)

Windows Server 2008 Service Pack 2 (64-bit)

Windows 7 Service Pack 1 (32-bit)

Windows 7 Service Pack 1 (64-bit)

Windows Server 2008 R2 Service Pack 1 (64-bit)

Windows Server 2008 R2 Service Pack 1 (IA-64)

Windows 8 (32-bit)

Windows 8 (64-bit)

Windows Server 2012

Windows Server 2012 (Server Core)


Information about DirectWrite and this security update

By default, DirectWrite is not installed on supported editions of Windows Vista Service Pack 2. On this operating system, DirectWrite is installed as part of the Windows Graphics, Imaging, and XPS Library update, the Platform Update Supplement update, or the Update for DirectWrite and XPS update. This update is applicable only if any of these updates are installed on the computer.

Restart information

You must restart the computer after you install this security update.

Removal information

Note We do not recommend that you remove any security update.
For Windows Vista or Windows Server 2008 and later versions
To remove an update that is installed by Windows Update Stand-alone Installer (Wusa.exe), use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates. Then, select from the list of updates.

Security update replacement information

This security update replaces MS12-034: Description of the security update for DirectWrite in Windows: May 8, 2012.

File information

Collapse this imageExpand this image
assets folding start collapsed
The English (United States) version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.
Windows Vista and Windows Server 2008 file information notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table.
    Collapse this tableExpand this table
    VersionProductMilestoneService branch
    6.0.6002.18xxxWindows Vista SP2 and Windows Server 2008 SP2SP2GDR
    6.0.6002.23xxxWindows Vista SP2 and Windows Server 2008 SP2SP2LDR
  • Service Pack 1 is integrated into the original release version of Windows Server 2008. Therefore, RTM milestone files apply only to Windows Vista. RTM milestone files have a 6.0.0000.xxxxxx version number.
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.

For all supported x86-based versions of Windows Vista and of Windows Server 2008
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
D2d1.dll7.0.6002.18827683,00817-Apr-201310:24x86
D2d1.dll7.0.6002.23097683,00817-Apr-201310:14x86
Fntcache.dll7.0.6002.18827798,20817-Apr-201310:20x86
Fntcache.dll7.0.6002.23097798,20817-Apr-201310:10x86
Dwrite.dll7.0.6002.188271,069,05617-Apr-201310:21x86
Dwrite.dll7.0.6002.230971,069,05617-Apr-201310:10x86
D3d10level9.dll7.0.6002.18827486,40017-Apr-201310:47x86
D3d10level9.dll7.0.6002.23097486,40017-Apr-201310:33x86
D3d10_1.dll7.0.6002.18827160,76817-Apr-201312:30x86
D3d10_1core.dll7.0.6002.18827219,64817-Apr-201312:30x86
D3d10_1.dll7.0.6002.23097160,76817-Apr-201311:28x86
D3d10_1core.dll7.0.6002.23097219,64817-Apr-201311:28x86
D3d10.dll7.0.6002.188271,029,12017-Apr-201312:30x86
D3d10core.dll7.0.6002.18827189,95217-Apr-201312:30x86
D3d10.dll7.0.6002.230971,029,12017-Apr-201311:28x86
D3d10core.dll7.0.6002.23097189,95217-Apr-201311:28x86
D3d10warp.dll7.0.6002.188271,172,48017-Apr-201310:48x86
D3d10warp.dll7.0.6002.230971,172,48017-Apr-201310:34x86
For all supported x64-based versions of Windows Vista and of Windows Server 2008
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
D2d1.dll7.0.6002.18827834,04817-Apr-201310:57x64
D2d1.dll7.0.6002.23097834,04817-Apr-201311:02x64
Fntcache.dll7.0.6002.188271,149,44017-Apr-201310:53x64
Fntcache.dll7.0.6002.230971,149,44017-Apr-201310:58x64
Dwrite.dll7.0.6002.188271,556,48017-Apr-201310:53x64
Dwrite.dll7.0.6002.230971,556,48017-Apr-201310:58x64
D3d10level9.dll7.0.6002.18827566,27217-Apr-201311:26x64
D3d10level9.dll7.0.6002.23097566,27217-Apr-201311:27x64
D3d10_1.dll7.0.6002.18827196,09617-Apr-201313:04x64
D3d10_1core.dll7.0.6002.18827327,68017-Apr-201313:04x64
D3d10_1.dll7.0.6002.23097196,09617-Apr-201312:32x64
D3d10_1core.dll7.0.6002.23097327,68017-Apr-201312:32x64
D3d10.dll7.0.6002.188271,268,22417-Apr-201313:04x64
D3d10core.dll7.0.6002.18827287,23217-Apr-201313:04x64
D3d10.dll7.0.6002.230971,268,22417-Apr-201312:32x64
D3d10core.dll7.0.6002.23097287,23217-Apr-201312:32x64
D3d10warp.dll7.0.6002.188272,002,94417-Apr-201311:28x64
D3d10warp.dll7.0.6002.230972,002,94417-Apr-201311:29x64
D2d1.dll7.0.6002.18827683,00817-Apr-201310:24x86
D2d1.dll7.0.6002.23097683,00817-Apr-201310:14x86
Dwrite.dll7.0.6002.188271,069,05617-Apr-201310:21x86
Dwrite.dll7.0.6002.230971,069,05617-Apr-201310:10x86
D3d10level9.dll7.0.6002.18827486,40017-Apr-201310:47x86
D3d10level9.dll7.0.6002.23097486,40017-Apr-201310:33x86
D3d10_1.dll7.0.6002.18827160,76817-Apr-201312:30x86
D3d10_1core.dll7.0.6002.18827219,64817-Apr-201312:30x86
D3d10_1.dll7.0.6002.23097160,76817-Apr-201311:28x86
D3d10_1core.dll7.0.6002.23097219,64817-Apr-201311:28x86
D3d10.dll7.0.6002.188271,029,12017-Apr-201312:30x86
D3d10core.dll7.0.6002.18827189,95217-Apr-201312:30x86
D3d10.dll7.0.6002.230971,029,12017-Apr-201311:28x86
D3d10core.dll7.0.6002.23097189,95217-Apr-201311:28x86
D3d10warp.dll7.0.6002.188271,172,48017-Apr-201310:48x86
D3d10warp.dll7.0.6002.230971,172,48017-Apr-201310:34x86
Windows 7 and Windows Server 2008 R2 file information notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    Collapse this tableExpand this table
    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7 and Windows Server 2008 R2 SP1GDR
    6.1.7601.22xxxWindows 7 and Windows Server 2008 R2SP1LDR

  • The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.

For all supported x86-based versions of Windows 7
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dwrite.dll6.1.7601.181261,077,76010-Apr-201305:02x86
Dwrite.dll6.1.7601.222961,077,76010-Apr-201305:14x86
Dwrite.dll6.2.9200.165711,247,74409-Apr-201323:34x86
Dwrite.dll6.2.9200.206751,247,74410-Apr-201305:15x86
For all supported x64-based versions of Windows 7 and of Windows Server 2008 R2
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dwrite.dll6.1.7601.181261,545,72810-Apr-201305:45x64
Dwrite.dll6.1.7601.222961,545,72810-Apr-201305:21x64
Dwrite.dll6.2.9200.165711,643,52002-Apr-201322:51x64
Dwrite.dll6.2.9200.206751,643,52010-Apr-201305:21x64
Dwrite.dll6.1.7601.181261,077,76010-Apr-201305:02x86
Dwrite.dll6.1.7601.222961,077,76010-Apr-201305:14x86
Dwrite.dll6.2.9200.165711,247,74409-Apr-201323:34x86
Dwrite.dll6.2.9200.206751,247,74410-Apr-201305:15x86
For all supported IA-64-based versions of Windows Server 2008 R2
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dwrite.dll6.1.7601.181263,011,58410-Apr-201304:35IA-64
Dwrite.dll6.1.7601.222963,012,09610-Apr-201304:27IA-64
Dwrite.dll6.1.7601.181261,077,76010-Apr-201305:02x86
Dwrite.dll6.1.7601.222961,077,76010-Apr-201305:14x86
Windows 8 and Windows Server 2012 file information notes
Important Windows 8 and Windows Server 2012 hotfixes are included in the same packages. However, only "Windows 8" is listed on the Hotfix Request page. To request the hotfix package that applies to one or both operating systems, select the hotfix that is listed under "Windows 8" on the page. Always refer to the "Applies To" section in articles to determine the actual operating system that each hotfix applies to.
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table.
    Collapse this tableExpand this table
    VersionProductMilestoneService branch
    6.2.920 0.16 xxxWindows 8 and Windows Server 2012RTMGDR
    6.2.920 0.20 xxxWindows 8 and Windows Server 2012RTMLDR
  • The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.
For all supported x86-based versions of Windows 8
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dwrite.dll6.2.9200.165811,421,31211-Apr-201322:30x86
Dwrite.dll6.2.9200.206851,417,21611-Apr-201322:35x86
For all supported x64-based versions of Windows 8 and of Windows Server 2012
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dwrite.dll6.2.9200.165791,838,08011-Apr-201322:22x64
Dwrite.dll6.2.9200.206821,836,54411-Apr-201323:16x64
Dwrite.dll6.2.9200.165811,421,31211-Apr-201322:30x86
Dwrite.dll6.2.9200.206851,417,21611-Apr-201322:35x86
Collapse this imageExpand this image
assets folding end collapsed

Applies to

This article applies to the following:
  • Windows 8
  • Windows RT
  • Windows Server 2012
  • Windows 7 Service Pack 1
  • Windows Server 2008 R2 Service Pack 1
  • Windows Vista Service Pack 2
  • Windows Server 2008 Service Pack 2

Properties

Article ID: 2835361 - Last Review: July 11, 2013 - Revision: 2.0
Keywords: 
kbsecvulnerability kbsecurity kbsecbulletin kbfix kbexpertiseinter kbbug atdownload KB2835361

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com