Starting on March 10, 2020, Microsoft Update is now offering this security update to additional versions of the Windows OS.
To learn more about the vulnerability, see CVE-2018-1037.
To apply this security update, you must have Visual Studio 2010 Service Pack 1 installed.
You may have to restart the computer after you apply this security update if an instance of Visual Studio is being used.
Security update replacement information
This security update doesn't replace other security updates.
Issues that are fixed in this security update
This hotfix addresses the PDB security issue that is described in CVE-2018-1037, where PDB file may contain uninitialized heap content in a process that updates an existing PDB file, like mspdbsrv.exe. We strongly recommend that you use the updated PDBCopy tool to check every existing PDB that is shared or distributed for this vulnerability.
File hash information
|File name||SHA1 hash||SHA256 hash|
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.