This update resolves a vulnerability in the Microsoft .NET Framework. The vulnerability could allow denial of service if an attacker inserts specially crafted XSLT into a client-side XML web part that causes recursive calls on the server. To learn more about this vulnerability, see Microsoft Security Bulletin MS16-019.
Important All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
How to obtain and install this update
Method 1: Windows Update
This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see the "Turn on automatic updating in Control Panel" section of this Safety & Security Center article.
Method 2: Microsoft Download Center
You can obtain the stand-alone update package through the Microsoft Download Center. To install this update, follow the installation instructions on the download page.
The English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.