You are currently offline, waiting for your internet to reconnect

MS12-061:Vulnerability in Visual Studio Team Foundation Server could allow elevation of privilege: September 11, 2012

INTRODUCTION
Microsoft has released security bulletin MS12-061. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

More information

Known issues with this security update

  • You must have SQL Admin access to the Team Foundation Server (TFS) databases in order to install this security update.

    Note We do not recommend that you uninstall any security update. 
  • You must restart IIS after you install this security update. To do this, restart the World Wide Web Publishing Service. For more information, go to the following Microsoft webpage:  
FILE INFORMATION

File hash information

File nameSHA1 hashSHA256 hash
VS10SP1-KB2719584.exe5BF7447898065DC50AFA73912089D3F6F94A885351E36A3EE4B721F51A30DD1A33B093DC7580C3FD58F684CDE7E348A0ECE38AC8
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.
File nameFile versionFile sizeDateTime
Microsoft.TeamFoundation.WebAccess.dll10.0.40219.417365,56801-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.Server.dll10.0.40219.417481,28001-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.dll10.0.40219.417380,92801-Sep-201219:41
PageToolbar.js6,86201-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41794,20801-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417139,26401-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41781,92001-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417135,16801-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41781,92001-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417139,26401-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41790,11201-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417139,26401-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41790,11201-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417139,26401-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41790,11201-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417139,26401-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41790,11201-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417139,26401-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.41790,11201-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417139,26401-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.resources.dll10.0.40219.417110,59201-Sep-201219:41
Microsoft.TeamFoundation.WebAccess.WorkItemTracking.resources.dll10.0.40219.417143,36001-Sep-201219:41
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2719584 - Last Review: 09/24/2012 17:00:00 - Revision: 2.0

Microsoft Visual Studio Team Foundation Server 2010 Service Pack 1

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2719584
Feedback