View products that this article applies to.

Introduction

This update resolves a vulnerability in the Microsoft .NET Framework that could bypass the Address Space Layout Randomization (ASLR) security feature if a user goes to a specially crafted website.

Summary

Microsoft has released security bulletin MS14-046. Learn more about how to obtain the fixes that are included in this security bulletin:

  • For individual, small business, and organizational users, use the Windows automatic updating feature to install the fixes from Microsoft Update. To do this, see Get security updates automatically on the Microsoft Safety and Security Center website.

  • For IT professionals, see Microsoft Security Bulletin MS14-046 on the Security TechCenter website.

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More Information

More information about this update

The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information to the individual updates such as download URL, prerequisites and command line switches.



The Microsoft .NET Framework 3.5.1

  • 2943357 MS14-046: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: August 12, 2014

  • 2937610 MS14-046: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: August 12, 2014

The Microsoft .NET Framework 3.5

  • 2966828 MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 12, 2014





    Known issues in security update 2966828:

    • After you install security update 2966828 (described in Microsoft Security Bulletin MS14-046) for the Microsoft .NET Framework 3.5, and then you try to enable the Microsoft .NET Framework 3.5 optional feature in Windows Features for the very first time, the feature may not install. You may notice this failure if you "stage" the installation before you add the Microsoft .NET Framework 3.5 feature. For more information about how to work around this issue, click the following article number to view the article in the Microsoft Knowledge Base:

      3002547 Enabling the Microsoft .NET Framework 3.5 optional Windows feature on Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2 may fail after you install security update 2966827 or 2966828

  • 2966826 MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 12, 2014

  • 2966827 MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 12, 2014



    Known issues in security update 2966827:

    • After you install security update 2966827 (described in Microsoft Security Bulletin MS14-046) for the Microsoft .NET Framework 3.5, and then you try to enable the Microsoft .NET Framework 3.5 optional feature in Windows Features for the very first time, the feature may not install. You may notice this failure if you "stage" the installation before you add the Microsoft .NET Framework 3.5 feature. For more information about how to work around this issue, click the following article number to view the article in the Microsoft Knowledge Base:

      3002547 Enabling the Microsoft .NET Framework 3.5 optional Windows feature on Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2 may fail after you install security update 2966827 or 2966828

  • 2966825 MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 12, 2014

The Microsoft .NET Framework 3.0

  • 2943344 MS14-046: Description of the security update for the .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: August 12, 2014

The Microsoft .NET Framework 2.0

  • 2937608 MS14-046: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: August 12, 2014

Update replacement information

Update replacement information for each specific update can be found in the Microsoft Knowledge Base articles that correspond to this update.

File name

SHA1 hash

SHA256 hash

Windows6.0-KB980842-x64.msu

56CCB4131E94F0E4740AC65D54603AD9A2F32FDE

CC84E048D5B9A0F35F9FE981C1F0FCA67261D0C07B026B18B5626DE9ED97C6F1

Windows6.0-KB2937608-x86.msu

23446C961CA61E0C7ADBA32B459EE0863B5009CA

8E50A75C2611CA0F5A8A35891BA3915DDAD725782BA220EA91A74518C611A58A

Windows6.0-KB2901113-x86.msu

05617C64C3776658D625D3E99C398A87468C261B

B9298C5417E9E8F9E33CA0C18617EA90BA8FDB3BBE6912E6D6D0E3F8F7AABD3D

Windows6.0-KB980842-x86.msu

A6FC223B39B42789FF7A319AFEFF86DF2913D187

C41C2294AC8CEDE7308711183F8E0FA5BE9208ACBEEF5DB347BE6E0C8AF2E4AA

Windows6.0-KB2901113-ia64.msu

38B6F053764B77F556E7560DA376521000682A21

80742F7CB78A03841F1F66FBF584C9E792455B8B394795EFB5A03D60FEFE804F

Windows6.0-KB2901113-x64.msu

216A35BF2B5E7782B1480D5CDD9B647CB3B2243C

1E630D2EA29D4615F7A6E5D7352DDB8ED86112A1735E103D4361B05EEF3243CD

Windows6.0-KB2937608-ia64.msu

47B7AC276273BC21AADA6BF77CBF0B0A7D56D4C9

FA66FE7B5302A007AB209CF941DEBD91BF0E5AAC0C2E6FAB576FA772CBA807EC

Windows6.0-KB2937608-x64.msu

2B64C687F8A0DBDA4BA45652848697594E0DB089

7C2D1737F20812298EC82B203C148AE528AB7F72273452C73CAA3D28E67D2557

Windows6.0-KB980842-ia64.msu

2A2A67B37490C495E23B1EC709BACA49D06F0272

9494EDBFFE5DF90060C253C6E185DC2EE9739C144BCF1B25C2F42914078752EC

Windows6.1-KB2937610-ia64.msu

EDC8CC870280A43615F33F4CC8B80B5D19F9ECFE

32DADF17B8362C71E6C4A483E66243875B21F54653A7B287A447B4A59262EF14

Windows6.1-KB2943357-x64.msu

035199134A0E40F5EB6BF83B2781850DB5C84D81

34087D37A6BFAADF8627E35754621A82C4477C357AF2B4E2548E4592098B632C

Windows6.1-KB2943357-x86.msu

B4B1831A98CE4BF16DDA9E2432CF2EB1FE598CB7

C7B89E6DC4ED19726B0F606435FADD9BEFC87427D7A068F7808C9832B1BF7AA6

Windows6.1-KB2937610-x64.msu

4EADBBDE029E5D21EB46AAADA7B2BD012F211F6F

95BB3A42E98D5A3BB9EFBCCAE47C8A5CB0AAE65526EE44750258F4391154351B

Windows6.1-KB2937610-x86.msu

D90A5D24F180953737B45D7883B16347B00874D0

F4FDDE29D94F640F94C49B5A99BD1BAD9BC6E5E459C2B16B98AD03B83966681A

Windows6.1-KB2943357-ia64.msu

8F221DFD4E8251725B1D4CFAA551FA4E589CE9E5

22022769B68DCB8A1731DE069DA6137EFEA21FB2CCC948CCAA847842E52724FE

Windows8-RT-KB2966825-x64.msu

7DCFA04EC74B6976EB4EB8A9ACEA0DA40095F0F3

5C9ED6B1DDD1589FD431148C328AFE3EBA168FC30EFA8E6635A11741BCC209EB

Windows8-RT-KB2966827-x86.msu

F3E247F64C174DA25F263C35035AF532857F9165

1377BF8C675051B063E078A8DF71E93C8B1AF5149FB465260B8CAC2396923A92

Windows8-RT-KB2966825-x86.msu

13A4CAE84D8F9CE31F913EFD9C1C5724332FE22E

FBD36A2FF261BC1531C451A8E04C9E957387D02A49CF3E811C4B5D735765C18D

Windows8-RT-KB2966827-x64.msu

8507CB4A5D716DC4F07362BD5886D078962A9FE4

58174205C9856D43AADA12828463881DC1D0A2971F0DD3CB682AAC335D5EB4AD

Windows8.1-KB2966826-x86.msu

622403B94CBABA3E67E43E052BE4F4D92CFA34B3

6FF01C8A018183283296257E2E89CD67D322E146CC278D863C1471B28C72E7E0

Windows8.1-KB2966828-x64.msu

F31EBCFD6846F6F8685D8FC9F842C29A950A7EA0

9C7E8876CA24361D8F632033E3DF213A901A6124AF189EBDCDE28BDF22E68565

Windows8.1-KB2966828-x86.msu

B3026D534E05C6CD60A621FB2CEDACB312A54DE1

5DE7369D444F9ABCF9DA9886DA96797B3E4A7F301C3E7CE6E644D4DCF79CDF18

Windows8.1-KB2966826-x64.msu

72425C975269EFB37B5452E6E568406376915416

F8A03600F688088CF184C039AAAD61AB8465E44C767FA0ECF7A91F658E873182



Applies toThis article applies to the following:

  • Microsoft .NET Framework 3.5.1 when used with:

    • Windows 7 Service Pack 1

    • Windows Server 2008 R2 Service Pack 1

  • Microsoft .NET Framework 3.5 when used with:

    • Windows 8.1

    • Windows Server 2012 R2

    • Windows 8

    • Windows Server 2012

  • Microsoft .NET Framework 3.0 Service Pack 2 when used with:

    • Windows Vista Service Pack 2

    • Windows Server 2008 Service Pack 2

  • Microsoft .NET Framework 2.0 Service Pack 2 when used with:

    • Windows Vista Service Pack 2

    • Windows Server 2008 Service Pack 2

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×