View products that this article applies to.

Introduction

This security update resolves a security feature bypass vulnerability that could let an attacker bypass the Address Space Layout Randomization (ASLR) security feature. An attacker could use this ASLR bypass vulnerability together with another vulnerability, such as a remote code execution vulnerability, to take advantage of the ASLR bypass to run arbitrary code.

Summary

Microsoft has released security bulletin MS14-057. Learn more about how to obtain the fixes that are included in this security bulletin:

  • For individual, small business, and organizational users, use the Windows automatic updating feature to install the fixes from Microsoft Update. To do this, see Get security updates automatically on the Microsoft Safety and Security Center website.

  • For IT professionals, see Microsoft Security Bulletin MS14-057 on the Security TechCenter website.

How to obtain help and support for this security update

Help installing updates: Support for Microsoft UpdateSecurity solutions for IT professionals: TechNet Security Troubleshooting and SupportHelp protect your computer that is running Windows from viruses and malware: Virus Solution and Security CenterLocal support according to your country: International Support

More information about this security update

Download information

To install this update, install it from Microsoft Windows Update.Additionally, you can install this update from the Microsoft Download Center.

Command-line switches for this update

Learn about the various command-line switches that are supported by this Microsoft .NET Framework update.

Restart information

This update does not require a system restart after you apply it unless the files that are being updated are locked or being used.

Update replacement information

This update does not replace any previously released update.

Update removal information

Note We do not recommend that you remove any security update.To remove this update, use the Programs and Features item in Control Panel.

The English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

For all supported x86-based versions of systemsGDR service branch

File name

File version

File size

Date

Time

mscorie.dll

2.0.50727.8008

44,176

12-Jun-2014

22:12

LDR service branch

File name

File version

File size

Date

Time

mscorie.dll

2.0.50727.8008

44,176

12-Jun-2014

22:11

For all supported x64-based versions of systemsGDR service branch

File name

File version

File size

Date

Time

mscorie.dll

2.0.50727.8008

37,520

12-Jun-2014

22:11

mscorie.dll

2.0.50727.8008

44,176

12-Jun-2014

22:12

LDR service branch

File name

File version

File size

Date

Time

mscorie.dll

2.0.50727.8008

37,520

12-Jun-2014

22:10

mscorie.dll

2.0.50727.8008

44,176

12-Jun-2014

22:11

Applies toThis article applies to the following:

  • Microsoft .NET Framework 3.5 when used with:

    • Windows 8.1

    • Windows Server 2012 R2

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.