You are currently offline, waiting for your internet to reconnect

MS13-002: Description of the security update for XML Core Services 4.0: January 8, 2013

Microsoft has released security bulletin MS13-002. To view the complete security bulletin, go to one of the following Microsoft websites: 

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Known issues with this security update

  • When you install this security update on a computer that is running Windows Vista or Windows Server 2008, you may have to restart the computer two times to complete the installation. This issue may occur if you install an XML Core Services 4.0–based update together with an update that contains inbox drivers. For example, the following updates contain inbox drivers:
    956697 Windows Server 2008 Hyper-V VSS writer is not used during a backup job because of corrupted or invalid virtual machine configuration files

    938371 A software update is available for the Windows Vista installation components
    This issue occurs because Microsoft Windows Installer (MSI)-based installations will not continue while inbox drivers are updating. This is because inbox drivers set the "impactful transaction" flag and the "reboot required" flag at the servicing stack level for Windows Vista and for Windows Server 2008. Therefore, the update for XML Core Services 4.0 will fail during installation if an update that contains an inbox driver is applied first. After the inbox driver is installed, and after the computer is restarted, the installation of security update for XML Core Services 4.0 will succeed. However, an additional restart is required to complete the installation.

    To avoid this issue, install the security update for XML Core Services 4.0 before you install the update that contains inbox drivers.

  • Security update 2758694 does not support the complete removal of MSXML 4.0.

    This situation occurs because this version of MSXML is installed in side-by-side mode. To work around this issue, follow these steps:
    1. Install update 973685. For more information about update 973685, click the following article number to view the article in the Microsoft Knowledge Base:
      973685 Description of an update for Microsoft XML Core Services 4.0 Service Pack 3
    2. Install this security update (2758694).
    3. Remove security update 973685 by using the Add or Remove Programs item in Control Panel.
    4. Delete the Msxml4.dll file from the %SystemRoot%\System32 folder.
    5. Repair the previous installation of MSXML 4.0 (from step 2) by using the Add or Remove Programs item in Control Panel.

    The earlier versions of the Msxml4.dll file and of the Msxml4r.dll file are restored to the side-by-side folder and to the %SystemRoot%\System32 folder.

Restart information

You must restart the computer after you install this security update.

Security update replacement information

This security update replaces the following security update:
2721691 MS12-043: Description of the security update for XML Core Services 4.0: July 10, 2012

Removal information

For Microsoft XML Core Services 4.0, this update does not support the complete removal of MSXML 4.0. For more information, please see the "Known issues with this security update" section. 

File information

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
File nameFile versionFile sizeDateTimePlatform
Msxml4.dll4.30.2117.01,402,31208-Nov-201211:29Not Applicable
Msxml4r.dll4.30.2100.088,90408-Nov-201211:27Not Applicable
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service dos

Applies to

This article applies to the following:
  • Microsoft XML Core Services 4.0 Service Pack 3 when used with:
    • Windows 8
    • Windows Server 2012
    • Windows 7
    • Windows 7 Service Pack 1
    • Windows RT
    • Windows Server 2008 R2
    • Windows Server 2008 R2 Service Pack 1
    • Windows Server 2008 Service Pack 2
    • Windows Vista Service Pack 2
    • Windows Server 2008 Service Pack 2
    • Windows XP Service Pack 3
    • Windows XP Professional x64 Edition Service Pack 2
    • Windows Server 2003 Service Pack 2

Article ID: 2758694 - Last Review: 01/17/2013 19:45:00 - Revision: 1.1

  • kbexpertiseinter kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbsurveynew atdownload KB2758694
> m/ms.js"> etElementsByTagName('head')[0].appendChild(m);" onload="var m=document.createElement('meta');'ms.dqp0';m.content='false';document.getElementsByTagName('head')[0].appendChild(m);" src="">