MS13-082: Description of the security update for the .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: October 8, 2013


This update resolves vulnerabilities in the Microsoft .NET Framework that could allow remote code execution if a user goes to a website that contains a specially crafted OpenType font (OTF) file by using a browser that can run XBAP applications.


Microsoft has released the security bulletin MS13-082. You can view the complete security bulletin by going to one of the following Microsoft websites: 

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information about this security update

Download information

This update is available for download from the Microsoft Download Center.

Command-line switches for this update

See the various command-line switches that are supported by this Microsoft .NET Framework update.

Restart information

This update does not require a system restart after you apply it unless files that are being updated are locked or are being used.

Update replacement information

This update does not replace any previously released update.

Update removal information

Note We do not recommend that you remove any security update.

To remove this update, use the Programs and Features item in Control Panel.

Applies to

This article applies to the following:
  • Microsoft .NET Framework 3.0 Service Pack 2 when used with:
    • Windows Vista Service Pack 2
    • Windows Server 2008 Service Pack 2