You are currently offline, waiting for your internet to reconnect

MS14-011: Description of the security update for Visual Basic Scripting Edition (VBScript) 5.7: February 11, 2014

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

INTRODUCTION
Microsoft has released security bulletin MS14-011. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Prerequisites to apply this security update

To install this security update, you must have Microsoft Visual Basic Scripting Edition (VBScript) 5.7 installed on the computer.

VBScript 5.7 is installed by the following:
  • Internet Explorer 7
  • Windows Server 2008. Versions include the following:
    • x86-based 
    • x86-based Service Pack 2 (SP2) 
    • x64-based 
    • x64-based SP2 
    • Itanium-based 
    • Itanium-based SP2
  • Windows Vista. Versions include the following:
    • x86-based,
    • x86-based Service Pack 1 (SP1)
    • x86-based SP2 
    • x64-based 
    • x64-based SP1 
    • x64-based SP2
  • Windows XP Service Pack 3
  • Windows Script Host 5.7
To determine the version of VBScript that is installed on the computer, follow these steps:
  1. Open Windows Explorer.
  2. Locate the following directory:
    %systemroot%\system32
  3. Right-click Vbscript.dll file, and then click Properties.
  4. Click the Details tab to view the contents of the File Version field. For example, the file version may be 5.7.0.18066.
If the file version starts with 5.7, as in the example, VBScript 5.7 is installed on the computer. 

Restart information

You may have to restart the computer after you install this security update.

Security update replacement information

This security update replaces the following security update:
981349 MS10-022: Description of the security update for Visual Basic Scripting (VBScript) 5.7: April 13, 2010

Removal information

To remove this security update, take one of the following actions:
  • Use the Add or Remove Programs item or the Programs and Features item in Control Panel.
  • Use the Spuninst.exe utility that is located in the following folder:
    %Windir%\$NTUninstallKB981349$\Spuninst

File information

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
For all supported x86-based versions of Windows XP SP3
File nameFile versionFile sizeDateTimePlatform
Vbscript.dll5.7.6002.23292434,17631-Dec-201300:45x86
For all supported x86-based versions of Windows Server 2003 SP3
File nameFile versionFile sizeDateTimePlatform
Vbscript.dll5.7.6002.23292434,17631-Dec-201300:42x86
For all supported x64-based versions of Windows Server2003 SP2 and Windows XP Professional
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Vbscript.dll5.7.6002.23292603,13631-Dec-201314:21x64SP2SP2QFE
Wvbscript.dll5.7.6002.23292434,17631-Dec-201314:21x86SP2SP2QFE\WOW
For all supported Itanium-based versions of Windows Server 2003 SP2
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Vbscript.dll5.7.6002.232921,154,04831-Dec-201314:20IA-64SP2SP2QFE
Wvbscript.dll5.7.6002.23292434,17631-Dec-201314:20x86SP2SP2QFE\WOW
For all supported x86-based versions of Windows Vista, Windows Vista SP1, Windows Vista SP2, Windows Server 2008, and Windows Server 2008 SP2
File nameFile versionFile sizeDateTimePlatform
Vbscript.dll5.7.6002.19005430,08013-Dec-201302:13x86
Vbscript.dll5.7.6002.23292434,17613-Dec-201303:01x86
For all supported x64-based versions of Windows Server 2008 and Windows Server 2008 SP2
File nameFile versionFile sizeDateTimePlatform
Vbscript.dll5.7.6002.19005602,62413-Dec-201304:34x64
Vbscript.dll5.7.6002.23292603,13613-Dec-201303:44x64
Vbscript.dll5.7.6002.19005430,08013-Dec-201302:13x86
Vbscript.dll5.7.6002.23292434,17613-Dec-201303:01x86
For all supported Itanium-based versions of Windows Server 2008
File nameFile versionFile sizeDateTimePlatform
Vbscript.dll5.7.6002.190051,152,51213-Dec-201303:51IA-64
Vbscript.dll5.7.6002.232921,154,04813-Dec-201302:26IA-64
Vbscript.dll5.7.6002.19005430,08013-Dec-201302:13x86
Vbscript.dll5.7.6002.23292434,17613-Dec-201303:01x86
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service dos
Properties

Article ID: 2909212 - Last Review: 02/11/2014 18:09:00 - Revision: 1.0

Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows XP Professional x64 Edition, Microsoft Windows XP Service Pack 3

  • kbqfe kbexpertiseinter kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbsurveynew KB2909212
Feedback
e;" onerror="var m=document.createElement('meta');m.name='ms.dqp0';m.content='true';document.getElementsByTagName('head')[0].appendChild(m);" onload="var m=document.createElement('meta');m.name='ms.dqp0';m.content='false';document.getElementsByTagName('head')[0].appendChild(m);" src="http://c1.microsoft.com/c.gif?">