MS10-070: Description of the security update for the Microsoft .NET Framework 3.5 Service Pack 1 on Windows Vista Service Pack 1 and Windows Server 2008

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
INTRODUCTION
Microsoft has released security bulletin MS10-070. To view the complete security bulletin, visit one of the following Microsoft websites: 

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

MORE INFORMATION
For more information about how to configure legacy encryption mode in ASP.NET, click the following article number to view the article in the Microsoft Knowledge Base:
2425938 How to configure legacy encryption mode in ASP.NET

DOWNLOAD INFORMATION

The following file is available for download from the Microsoft Download Center:


DownloadDownload the package now.

Release Date: September 28, 2010

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Known issues and additional information about this security update

For more information about installation issues this security update or with the Microsoft .NET Framework 2.0 Service Pack, click the following article number to view the article in the Microsoft Knowledge Base:
2436257 Updates for the .NET Framework 2.0 SP2 and .NET Framework 3.0 SP2 may chain install other updates
2431728 Encrypted content in ASP.NET is not decrypted for a website that is deployed in a web farm
2263996 Patching of Microsoft Framework can fail with Access is denied or File in Use error

Command-line switches for this update

For more information about the various command-line switches that are supported by this update, click the following article number to view the article in the Microsoft Knowledge Base:
934307 Description of the Windows Update Stand-alone Installer (Wusa.exe) and of.msu files in Windows Vista and in Windows Server 2008

Restart requirement

You do not have to restart the system after you install this security update unless files that are being updated are locked or in use. However, this security update will cause all Internet Information Services (IIS)-related services to restart. These include the IISADMIN, W3SVC, FTP, and SMTP services. This behavior occurs because a base component for the .NET Framework includes instructions to restart these services. Therefore, every update to the product will execute the same instructions to restart these services.

Update removal information

To remove this security update, use the Add or Remove Programs item in Control Panel.

Update replacement information

This security update replaces the following security updates:
972594 MS09-036: Description of the ASP.NET security update for Microsoft .NET Framework 3.5 Service Pack 1 and Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 1 and on Windows Server 2008: August 11, 2009
FILE INFORMATION
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For x86-based systems

GDR files
File nameFile versionFile sizeDateTime
Aspnet_wp.exe2.0.50727.361830,54423-Sep-201013:32
Webengine.dll2.0.50727.3618435,02423-Sep-201013:32
System.web.dll2.0.50727.36185,242,88023-Sep-201013:32
LDR files
File nameFile versionFile sizeDateTime
Aspnet_wp.exe2.0.50727.505330,54423-Sep-201013:33
Webengine.dll2.0.50727.5053436,04823-Sep-201013:33
System.web.dll2.0.50727.50535,251,07223-Sep-201013:33

For x64-based systems

GDR files
File nameFile versionFile sizeDateTimePlatformService branch
Aspnet_wp.exe2.0.50727.361842,32023-Sep-201013:33x64AMD64_NETFX-ASP
Webengine.dll2.0.50727.3618743,76023-Sep-201013:34x64Not Applicable
System.web.dll2.0.50727.36185,251,07223-Sep-201013:33x64Not Applicable
Aspnet_wp.exe2.0.50727.361830,54423-Sep-201013:32x86X86_NETFX-ASP
Webengine.dll2.0.50727.3618435,02423-Sep-201013:32x86Not Applicable
System.web.dll2.0.50727.36185,242,88023-Sep-201013:32x86Not Applicable
LDR files
File nameFile versionFile sizeDateTimePlatformService branch
Aspnet_wp.exe2.0.50727.505342,32023-Sep-201013:32x64AMD64_NETFX-ASP
Webengine.dll2.0.50727.5053745,29623-Sep-201013:32x64Not Applicable
System.web.dll2.0.50727.50535,259,26423-Sep-201013:32x64Not Applicable
Aspnet_wp.exe2.0.50727.505330,54423-Sep-201013:33x86X86_NETFX-ASP
Webengine.dll2.0.50727.5053436,04823-Sep-201013:33x86Not Applicable
System.web.dll2.0.50727.50535,251,07223-Sep-201013:33x86Not Applicable

For IA-64-based systems

GDR files
File nameFile versionFile sizeDateTimePlatformService branch
Aspnet_wp.exe2.0.50727.361882,25623-Sep-201013:33IA-64IA64_NETFX-ASP
Webengine.dll2.0.50727.36181,227,60023-Sep-201013:34IA-64Not Applicable
System.web.dll2.0.50727.36184,771,84023-Sep-201013:33IA-64Not Applicable
Aspnet_wp.exe2.0.50727.361830,54423-Sep-201013:32x86X86_NETFX-ASP
Webengine.dll2.0.50727.3618435,02423-Sep-201013:32x86Not Applicable
System.web.dll2.0.50727.36185,242,88023-Sep-201013:32x86Not Applicable
LDR files
File nameFile versionFile sizeDateTimePlatformService branch
Aspnet_wp.exe2.0.50727.505382,25623-Sep-201013:31IA-64IA64_NETFX-ASP
Webengine.dll2.0.50727.50531,231,18423-Sep-201013:32IA-64Not Applicable
System.web.dll2.0.50727.50534,780,03223-Sep-201013:31IA-64Not Applicable
Aspnet_wp.exe2.0.50727.505330,54423-Sep-201013:33x86X86_NETFX-ASP
Webengine.dll2.0.50727.5053436,04823-Sep-201013:33x86Not Applicable
System.web.dll2.0.50727.50535,251,07223-Sep-201013:33x86Not Applicable
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2416474 - Last Review: 05/11/2012 22:24:00 - Revision: 6.0

Microsoft .NET Framework 3.5 Service Pack 1, Windows Server 2008 for Itanium-Based Systems, Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Web Server 2008, Windows Vista Service Pack 1

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2416474
Feedback