You are currently offline, waiting for your internet to reconnect

Your browser is out-of-date

You need to update your browser to use the site.

Update to the latest version of Internet Explorer

MS13-103: Vulnerability in ASP.NET SignalR could allow elevation of privilege: December 10, 2013

Microsoft has released security bulletin MS13-103. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates:Support for Microsoft Update

Security solutions for IT professionals:TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country:International Support

More information

Additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.
  • 2903566 MS13-103: Description of the security update for Microsoft Visual Studio Team Foundation Server 2013: December 10, 2013
  • 2903919 MS13-103: Description of the security update for ASP.NET SignalR: December 10, 2013

File hash information

File nameSHA1 hashSHA256 hash
Applies to
  • ASP.NET SignalR 1.1.x 
  • ASP.NET SignalR 2.0.x 
  • Microsoft Visual Studio Team Foundation Server 2013
Note The ASP.NET SignalR updates apply to Windows-based servers that host web applications that support ASP.NET SignalR functionality. These updates are available only for download, and they update versions 1.1.0, 1.1.1, 1.1.2, 1.1.3, and version 2.0.0 to the latest supported versions (1.1.4 and 2.0.1, as of the date of this bulletin). See the "Security Update Deployment" section of the security bulletin for more information. 
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE

Article ID: 2905244 - Last Review: 12/10/2013 18:13:00 - Revision: 1.0

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2905244