Description of the security update for the .NET Framework 4.5.1 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: December 10, 2013

September 9, 2014 This security update has been re-released and contains updated files. We recommend that you apply this updated security update.


This security update resolves a vulnerability in the Microsoft .NET Framework 4.5.1 that could allow elevation of privilege on a server system if a user views a specially crafted webpage by using a web browser that can run ASP.NET applications.

This security update applies to Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2.


Microsoft has released security advisory 2905247 for the Microsoft .NET Framework.

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information about this security update

Download information

To install this update, install it from Microsoft Windows Update.

Additionally, you can install this update from the Microsoft Download Center.

Installation information

Before you apply this update, make sure that you resolve any view state message authentication code (MAC) errors that you may have. For information about how to do this, see Resolving view state message authentication code (MAC) errors in the Microsoft Knowledge Base.

Command-line switches for this update

See the various command-line switches that are supported by this Microsoft .NET Framework update.

Restart information

This update does not require a system restart after you apply it unless the files that are being updated are locked or are being used.

Update replacement information

This update replaces update 2901128 .

Update removal information

Note We do not recommend that you remove any security update.

To remove this update, use the Programs and Features item in Control Panel.

Applies to

This article applies to the following:
  • Microsoft .NET Framework 4.5.1 when used with:
    • Windows 8.1
    • Windows RT 8.1
    • Windows Server 2012 R2