You are currently offline, waiting for your internet to reconnect

MS13-039: Vulnerability in HTTP.sys could allow denial of service: May 14, 2013

INTRODUCTION
Microsoft has released security bulletin MS13-039. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information

Known issues with this security update

  • Windows Update will not offer this security update to Windows RT-based computers until update 2808380 has been installed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    2808380 Windows RT-based device cannot download software updates or Windows Store apps
FILE INFORMATION

File hash information

File nameSHA1 hashSHA256 hash
Windows8-RT-KB2829254-x64.msu2D93045BF8DBF2DBA2EFDC8155DC1FD056F23E0F400D7E21F2473DC8558EEDFB548D9BC0A43F74345E568E079CFEA3BEC3E317D9
Windows8-RT-KB2829254-x86.msu1F2D48DAFD9C1BAC58485205B27229E529298E4A73F517736C839A49375A97A58AEE99F16021EAD02B4051FDA416A8367215971D
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.
Windows 8 and Windows Server 2012 file information
  • The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.2.920 0.16 xxxWindows 8 and Windows Server 2012RTMGDR
    6.2.920 0.20 xxxWindows 8 and Windows Server 2012RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File nameFile versionFile sizeDateTimePlatform
Http.sys6.2.9200.16556640,00015-Mar-201300:16x86
Http.sys6.2.9200.20660640,00015-Mar-201300:12x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File nameFile versionFile sizeDateTimePlatform
Http.sys6.2.9200.16556861,18415-Mar-201300:17x64
Http.sys6.2.9200.20660859,13615-Mar-201300:12x64
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2829254 - Last Review: 05/14/2013 17:12:00 - Revision: 1.0

Windows RT, Windows 8, Windows 8 Enterprise, Windows 8 Pro, Windows Server 2012 Datacenter, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows Server 2012 Standard

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2829254
Feedback
s://c1.microsoft.com/c.gif?DI=4050&did=1&t=">d=1&t=">