You are currently offline, waiting for your internet to reconnect

MS11-028: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: April 12, 2011

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

INTRODUCTION
Microsoft has released security bulletin MS11-028. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

MORE INFORMATION

Download information

The following file is available for download from the Microsoft Download Center:

DownloadDownload the package now.

Release Date: April 12, 2011

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

To install this update, you must have Windows Installer 3.1 or a later version installed on the computer. To obtain the latest version of Windows Installer, visit the following Microsoft website:

Known issues and additional information about this security update

For more information about installation issues with the Microsoft .NET Framework 4.0, click the following article number to view the article in the Microsoft Knowledge Base:
2436246 Updates for the .NET Framework may not have a fully localized setup experience

2431208 An update for the Microsoft .NET Framework may fail to install when the Microsoft .NET Framework 4 is installed and a restart is pending

2260913 Files in use or File Locks can Result in Framework Assembly Files being Deleted

2263996 Patching of Microsoft Framework can fail with Access is denied or File in Use error

2570538 Installing updates for the Microsoft .NET Framework 4 can take longer than expected in some scenarios

Command-line switches for this update

For information about the various command-line switches that are supported by this update, see the Windows Installer command-line switches document.

For more information about Windows Installer, visit the Windows Installer MSDN website.

Restart requirement

This update does not require a system restart after you apply it unless files being updated are locked or in use. However, installing this update will trigger a restart of all Internet Information Services (IIS)-related services, including the IISADMIN, W3SVC, FTP, and SMTP services. This behavior occurs because a base component for the .NET Framework includes instructions for restarting these services. Therefore, every update to the product will execute the same restarting instructions.

Update removal information

To remove this update, use the Add or Remove Programs item in Control Panel.

Update replacement information

The x64 and Itanium based versions of this security update replace the following security update: 
2160841 MS10-077: Vulnerability in the .NET Framework could allow remote code execution
FILE INFORMATION
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For all supported x86-based versions of systems

GDR Service Branch

File nameFile versionFile sizeDateTime
clr.dll4.0.30319.2256,735,17610-Feb-201112:06
clrjit.dll4.0.30319.225385,86410-Feb-201112:06
mscordacwks.dll4.0.30319.2251,142,10410-Feb-201112:06
mscordbi.dll4.0.30319.225955,72810-Feb-201112:06
mscorlib.dll4.0.30319.2255,196,11210-Feb-201112:06
nlssorting.dll4.0.30319.22556,65610-Feb-201112:06
SOS.dll4.0.30319.225517,44810-Feb-201112:06

LDR Service Branch

File nameFile versionFile sizeDateTime
clr.dll4.0.30319.4316,735,17610-Feb-201109:17
clrjit.dll4.0.30319.431385,86410-Feb-201109:18
mscordacwks.dll4.0.30319.4311,142,10410-Feb-201109:18
mscordbi.dll4.0.30319.431955,21610-Feb-201109:18
mscorlib.dll4.0.30319.4315,196,11210-Feb-201109:18
nlssorting.dll4.0.30319.43156,14410-Feb-201109:18
Setup.exe10.0.30319.43178,15210-Feb-201108:49
SetupEngine.dll10.0.30319.431809,30410-Feb-201108:49
SetupUi.dll10.0.30319.431295,24810-Feb-201108:49
SOS.dll4.0.30319.431516,93610-Feb-201109:18

For all supported x64-based versions of systems

GDR Service Branch

File nameFile versionFile sizeDateTime
clr.dll4.0.30319.2259,801,54410-Feb-201113:12
clr.dll4.0.30319.2256,735,17610-Feb-201112:06
clrjit.dll4.0.30319.225385,86410-Feb-201112:06
mscordacwks.dll4.0.30319.2251,513,81610-Feb-201113:13
mscordacwks.dll4.0.30319.2251,142,10410-Feb-201112:06
mscordbi.dll4.0.30319.2251,453,39210-Feb-201113:13
mscordbi.dll4.0.30319.225955,72810-Feb-201112:06
mscorlib.dll4.0.30319.2254,960,08010-Feb-201113:13
mscorlib.dll4.0.30319.2255,196,11210-Feb-201112:06
nlssorting.dll4.0.30319.22567,92010-Feb-201113:13
nlssorting.dll4.0.30319.22556,65610-Feb-201112:06
SOS.dll4.0.30319.225597,83210-Feb-201113:13
SOS.dll4.0.30319.225517,44810-Feb-201112:06

LDR Service Branch

File nameFile versionFile sizeDateTime
clr.dll4.0.30319.4319,801,54410-Feb-201110:14
clr.dll4.0.30319.4316,735,17610-Feb-201109:17
clrjit.dll4.0.30319.431385,86410-Feb-201109:18
mscordacwks.dll4.0.30319.4311,513,81610-Feb-201110:14
mscordacwks.dll4.0.30319.4311,142,10410-Feb-201109:18
mscordbi.dll4.0.30319.4311,453,39210-Feb-201110:14
mscordbi.dll4.0.30319.431955,21610-Feb-201109:18
mscorlib.dll4.0.30319.4314,960,08010-Feb-201110:14
mscorlib.dll4.0.30319.4315,196,11210-Feb-201109:18
nlssorting.dll4.0.30319.43167,40810-Feb-201110:14
nlssorting.dll4.0.30319.43156,14410-Feb-201109:18
Setup.exe10.0.30319.43178,15210-Feb-201108:49
SetupEngine.dll10.0.30319.431809,30410-Feb-201108:49
SetupUi.dll10.0.30319.431295,24810-Feb-201108:49
SOS.dll4.0.30319.431597,83210-Feb-201110:14
SOS.dll4.0.30319.431516,93610-Feb-201109:18

For all supported IA-64-based versions of systems

GDR Service Branch

File nameFile versionFile sizeDateTime
clr.dll4.0.30319.22519,388,23210-Feb-201114:26
clr.dll4.0.30319.2256,735,17610-Feb-201112:06
clrjit.dll4.0.30319.225385,86410-Feb-201112:06
mscordacwks.dll4.0.30319.2253,757,40010-Feb-201114:26
mscordacwks.dll4.0.30319.2251,142,10410-Feb-201112:06
mscordbi.dll4.0.30319.2253,293,52010-Feb-201114:26
mscordbi.dll4.0.30319.225955,72810-Feb-201112:06
mscorlib.dll4.0.30319.2254,447,56810-Feb-201114:26
mscorlib.dll4.0.30319.2255,196,11210-Feb-201112:06
nlssorting.dll4.0.30319.225144,20810-Feb-201114:27
nlssorting.dll4.0.30319.22556,65610-Feb-201112:06
SOS.dll4.0.30319.2251,203,52810-Feb-201114:27
SOS.dll4.0.30319.225517,44810-Feb-201112:06

LDR Service Branch

File nameFile versionFile sizeDateTime
clr.dll4.0.30319.43119,388,23210-Feb-201111:09
clr.dll4.0.30319.4316,735,17610-Feb-201109:17
clrjit.dll4.0.30319.431385,86410-Feb-201109:18
mscordacwks.dll4.0.30319.4313,756,88810-Feb-201111:09
mscordacwks.dll4.0.30319.4311,142,10410-Feb-201109:18
mscordbi.dll4.0.30319.4313,293,52010-Feb-201111:09
mscordbi.dll4.0.30319.431955,21610-Feb-201109:18
mscorlib.dll4.0.30319.4314,448,08010-Feb-201111:09
mscorlib.dll4.0.30319.4315,196,11210-Feb-201109:18
nlssorting.dll4.0.30319.431143,18410-Feb-201111:10
nlssorting.dll4.0.30319.43156,14410-Feb-201109:18
Setup.exe10.0.30319.43178,15210-Feb-201108:49
SetupEngine.dll10.0.30319.431809,30410-Feb-201108:49
SetupUi.dll10.0.30319.431295,24810-Feb-201108:49
SOS.dll4.0.30319.4311,203,01610-Feb-201111:10
SOS.dll4.0.30319.431516,93610-Feb-201109:18
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2446708 - Last Review: 06/18/2012 03:38:00 - Revision: 6.0

  • Microsoft .NET Framework 4
  • Windows 7 Service Pack 1
  • Windows 7 Home Basic
  • Windows 7 Home Premium
  • Windows 7 Professional
  • Windows 7 Ultimate
  • Windows 7 Enterprise
  • Windows Server 2008 R2 Service Pack 1
  • Windows Server 2008 R2 Standard
  • Windows Server 2008 R2 Enterprise
  • Windows Server 2008 R2 Datacenter
  • Windows Server 2008 Service Pack 2
  • Windows Server 2008 for Itanium-Based Systems
  • Windows Server 2008 Datacenter
  • Windows Server 2008 Enterprise
  • Windows Server 2008 Standard
  • Windows Web Server 2008
  • Windows Vista Service Pack 2
  • Windows Vista Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Microsoft Windows XP Service Pack 3
  • atdownload kbsurveynew kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2446708
Feedback