Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4338606)

Summary

This security update resolves the following vulnerabilities:

  • A "remote code execution" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2018-8284.

  • An "elevation of privilege" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2018-8202.

  • A "security feature bypass" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2018-8356.

Important

  • All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll update to be installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see KB 4019990 for Windows 7 SP1 and Windows Server 2008 R2 SP1. Or, see KB 4019478 for Windows Server 2008 SP2.

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Additional information about this security update

For more information about this security update as it relates to Windows 7 SP1 and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:

4340004 Security Only update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 (KB 4340004)

For more information about this security update as it relates to Windows Server 2008, see the following article in the Microsoft Knowledge Base:

4340007 Security Only update for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 (KB 4340007)

Known issues

  • After you install any of the July 2018 .NET Framework Security Updates, a COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. The most common failure signature is the following:

    Exception type: System.UnauthorizedAccessException

    Message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

    For more information about this issue, see the following article in the Microsoft Knowledge Base: 

    4345913 "Access Denied" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework

    To resolve this issue, install the August Security Only update KB 4345679.

  • Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 installed. In this scenario, the system may experience slow performance and high CPU usage.

    For more information about this issue, see the following article in the Microsoft Knowledge Base:

    4457331 Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2

How to obtain and install the update

Method 1: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog:

  • For Windows 7 SP1 and Windows Server 2008 R2 SP1, download update 4340004.

  • For Windows Server 2008, download update 4340007.

Method 2: Windows Software Update Services (WSUS)

On your WSUS server, follow these steps:

  1. Click Start, click Administrative Tools, and then click Microsoft Windows Server Update Services 3.0.

  2. Expand ComputerName, and then click Action.

  3. Click Import Updates.

  4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.

  5. After the ActiveX control is installed, you see the Microsoft Update Catalog screen. For Windows 7 SP1 and Windows Server 2008 R2 SP1, type 4340004 or for Windows Server 2008, type 4340007 in the Search box, and then click Search.

  6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click Add to add them to your basket.

  7. After you select all the packages that you require, click View Basket.

  8. To import the packages to your WSUS server, click Import.

  9. After the packages are imported, click Close to return to WSUS.

The updates are now available for installation through WSUS.

Update deployment information

For deployment details for this security update, see the following article in the Microsoft Knowledge Base:

20180710 Security update deployment information: July 10, 2018

Update removal information

Note We do not recommend that you remove any security update. To remove this update, use the Programs and Features item in Control Panel.

Update restart information

This update does not require a system restart after you apply it unless files that are being updated are locked or are being used.

Update replacement information

This update does not replace any previously released update.

File information

File hash

Package name

Package hash SHA 1

Package hash SHA 2

NDP46-KB4338606-x64.exe

63C347B905153E90BBF2E73D849CD176F3613EF4

4906F65B2D527DB9FAF1D1F9FB85C0F58ED6A5BAA30EA8FDCA4D28873D7600F1

NDP46-KB4338606-x86.exe

D1CE3602DB94EBFE6384017C537AF081DD808439

35731E379E81F4B352E906B337C12C4368B6AA2785447CC67226CEC4805BD90F


The English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

File name

File version

File size

Date

Time

clr.dll

4.7.3130.0

10,377,344

09-Jun-2018

03:11

clr.dll

4.7.3130.0

7,249,024

09-Jun-2018

02:57

clrjit.dll

4.7.3130.0

1,224,336

09-Jun-2018

03:11

clrjit.dll

4.7.3130.0

522,896

09-Jun-2018

02:57

compatjit.dll

4.7.3130.0

1,259,672

09-Jun-2018

03:11

mscordacwks.dll

4.7.3130.0

1,840,800

09-Jun-2018

03:11

mscordacwks.dll

4.7.3130.0

1,343,136

09-Jun-2018

02:57

mscordbi.dll

4.7.3130.0

1,623,704

09-Jun-2018

03:11

mscordbi.dll

4.7.3130.0

1,170,064

09-Jun-2018

02:57

mscorlib.dll

4.7.3130.0

5,418,136

09-Jun-2018

03:11

mscorlib.dll

4.7.3130.0

5,638,312

09-Jun-2018

02:57

msvcp120_clr0400.dll

12.0.52519.0

690,008

09-Jun-2018

03:12

msvcp120_clr0400.dll

12.0.52519.0

485,576

09-Jun-2018

02:58

msvcr120_clr0400.dll

12.0.52519.0

993,632

09-Jun-2018

03:12

msvcr120_clr0400.dll

12.0.52519.0

987,840

09-Jun-2018

02:58

peverify.dll

4.7.3130.0

260,760

09-Jun-2018

03:12

peverify.dll

4.7.3130.0

188,568

09-Jun-2018

02:58

ServiceMonikerSupport.dll

4.7.3130.0

31,456

09-Jun-2018

03:12

ServiceMonikerSupport.dll

4.7.3130.0

29,384

09-Jun-2018

02:58

SMDiagnostics.dll

4.7.3130.0

73,808

09-Jun-2018

02:57

SOS.dll

4.7.3130.0

872,064

09-Jun-2018

03:11

SOS.dll

4.7.3130.0

743,552

09-Jun-2018

02:57

System.Activities.dll

4.7.3130.0

1,532,544

09-Jun-2018

02:57

System.IdentityModel.dll

4.7.3130.0

1,090,176

09-Jun-2018

02:57

System.IdentityModel.Services.dll

4.7.3130.0

198,376

09-Jun-2018

02:58

System.Runtime.Serialization.dll

4.7.3130.0

1,056,456

09-Jun-2018

02:57

System.ServiceModel.Channels.dll

4.7.3130.0

157,928

09-Jun-2018

02:57

System.ServiceModel.Discovery.dll

4.7.3130.0

308,456

09-Jun-2018

02:57

System.ServiceModel.dll

4.7.3130.0

6,321,784

09-Jun-2018

02:57

System.ServiceModel.Internals.dll

4.7.3130.0

260,808

09-Jun-2018

02:57

System.ServiceModel.WasHosting.dll

4.7.3130.0

39,656

09-Jun-2018

02:58

System.Workflow.Activities.dll

4.7.3130.0

1,051,360

09-Jun-2018

02:58

System.Workflow.ComponentModel.dll

4.7.3130.0

1,542,384

09-Jun-2018

02:58

System.Workflow.Runtime.dll

4.7.3130.0

498,896

09-Jun-2018

02:58

WorkflowServiceHostPerformanceCounters.dll

4.7.3130.0

101,136

09-Jun-2018

03:11

WorkflowServiceHostPerformanceCounters.dll

4.7.3130.0

89,384

09-Jun-2018

02:57

The English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

File name

File version

File size

Date

Time

clr.dll

4.7.3130.0

7,249,024

09-Jun-2018

02:57

clrjit.dll

4.7.3130.0

522,896

09-Jun-2018

02:57

mscordacwks.dll

4.7.3130.0

1,343,136

09-Jun-2018

02:57

mscordbi.dll

4.7.3130.0

1,170,064

09-Jun-2018

02:57

mscorlib.dll

4.7.3130.0

5,638,312

09-Jun-2018

02:57

msvcp120_clr0400.dll

12.0.52519.0

485,576

09-Jun-2018

02:58

msvcr120_clr0400.dll

12.0.52519.0

987,840

09-Jun-2018

02:58

peverify.dll

4.7.3130.0

188,568

09-Jun-2018

02:58

ServiceMonikerSupport.dll

4.7.3130.0

29,384

09-Jun-2018

02:58

SMDiagnostics.dll

4.7.3130.0

73,808

09-Jun-2018

02:57

SOS.dll

4.7.3130.0

743,552

09-Jun-2018

02:57

System.Activities.dll

4.7.3130.0

1,532,544

09-Jun-2018

02:57

System.IdentityModel.dll

4.7.3130.0

1,090,176

09-Jun-2018

02:57

System.IdentityModel.Services.dll

4.7.3130.0

198,376

09-Jun-2018

02:58

System.Runtime.Serialization.dll

4.7.3130.0

1,056,456

09-Jun-2018

02:57

System.ServiceModel.Channels.dll

4.7.3130.0

157,928

09-Jun-2018

02:57

System.ServiceModel.Discovery.dll

4.7.3130.0

308,456

09-Jun-2018

02:57

System.ServiceModel.dll

4.7.3130.0

6,321,784

09-Jun-2018

02:57

System.ServiceModel.Internals.dll

4.7.3130.0

260,808

09-Jun-2018

02:57

System.ServiceModel.WasHosting.dll

4.7.3130.0

39,656

09-Jun-2018

02:58

System.Workflow.Activities.dll

4.7.3130.0

1,051,360

09-Jun-2018

02:58

System.Workflow.ComponentModel.dll

4.7.3130.0

1,542,384

09-Jun-2018

02:58

System.Workflow.Runtime.dll

4.7.3130.0

498,896

09-Jun-2018

02:58

WorkflowServiceHostPerformanceCounters.dll

4.7.3130.0

89,384

09-Jun-2018

02:57

 

How to obtain help and support for this security update

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Any additional feedback? (Optional)

Thank you for your feedback!

×