MS14-008: Vulnerability in Forefront Protection for Exchange could allow remote code execution: February 11, 2014

Microsoft has released security bulletin MS14-008. To learn more about this security bulletin:

How to obtain help and support for this security update

Security solutions for IT professionals:TechNet Security Troubleshooting and Support

Help protect your Windows-based computer Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country:International Support

More information
This security update applies to Forefront Protection for Exchange only when Forefront Protection for Exchange is installed on an Exchange Hub or an Exchange Edge server. If Forefront Protection for Exchange is installed on an Exchange mailbox-only role, this update is not needed. The update is not required when Forefront Protection for Exchange is installed on clustered Exchange servers.  


Before you can install this security update, you must install Hotfix Rollup 4 for Microsoft Forefront Protection for Exchange. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2619883 Hotfix Rollup 4 for Microsoft Forefront Protection for Exchange

Known issues with this security update

  • If you try to uninstall this security update, you may be prompted for the Forefrontsetup_64.msi file if the original installation images are not available.

    Note The Forefrontsetup_64.msi file is included in this security update.

    To work around this issue, use either of the following methods:
    • Provide the original installation disks.
    • Extract the file from the security update. To do this, open a command prompt, type the following command, and then press Enter:
      ForefrontProtectionforExchange-KB2927022-x86.exe /extract
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

File information

File nameFile versionFile sizeDateTimePlatform
Forefrontsetup_64.msiNot Applicable121,476,09622-Nov-201112:07Not Applicable
Setup.batNot Applicable2223-Jan-201423:50Not Applicable

File hash information

File nameSHA1 hashSHA256 hash
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE

Article ID: 2927022 - Last Review: 02/21/2014 22:53:00 - Revision: 2.0

Microsoft Forefront Protection 2010 for Exchange Server

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2927022