MS16-065: Security update for the .NET Framework: May 10, 2016

Summary
This security update resolves a vulnerability in the Microsoft .NET Framework. The vulnerability could cause information disclosure if an attacker injects unencrypted data in the target secure channel and then performs a man-in-the-middle (MiTM) attack between the targeted client and a legitimate server. To learn more about the vulnerability, see Microsoft Security Bulletin MS16-065.
More information
Important
  • All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Known issues in this security update

  • After you install any of the security updates that are included in MS16-065 on a Front End or Standard Edition server for Lync Server 2010, Lync Server 2013, or Skype for Business Server 2015, several conferencing modalities no longer function for internal users.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    3165438 Conferencing modalities no longer function in Lync Server 2010, Lync Server 2013, or Skype for Business Server 2015 after you install Security Bulletin MS16-065
Additional information about this security update
The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.

Microsoft .NET Framework 4.6 and 4.6.1

  • 3142036 MS16-065: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: May 10, 2016
  • 3142037 MS16-065: Description of the security update for the .NET Framework 4.6 in Windows 7 SP1 and Windows Server 2008 R2 SP1 and the .NET Framework 4.6.1 in Windows Vista SP2 and Windows Server 2008 SP2: May 10, 2016
  • 3142035 MS16-065: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows Server 2012: May 10, 2016

Microsoft .NET Framework 4.5.2

  • 3142030 MS16-065: Description of the security update for the .NET Framework 4.5.2 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: May 10, 2016
  • 3142033 MS16-065: Description of the security update for the .NET Framework 4.5.2 in Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: May 10, 2016
  • 3142032 MS16-065: Description of the security update for the .NET Framework 4.5.2 in Windows Server 2012: May 10, 2016

Microsoft .NET Framework 3.5 and 3.5.1

  • 3142024 MS16-065: Description of the security update for the .NET Framework 3.5.1 in Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: May 10, 2016
  • 3142026 MS16-065: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: May 10, 2016
  • 3142025 MS16-065: Description of the security update for the .NET Framework 3.5 in Windows Server 2012: May 10, 2016

Microsoft .NET Framework 2.0

  • 3142023 MS16-065: Description of the security update for the .NET Framework 2.0 Service Pack 2 in Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: May 10, 2016


Security update deployment information

Windows Vista (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor Microsoft .NET Framework 2.0 Service Pack 2 on all supported 32-bit editions of Windows Vista:
Windows6.0-KB3142023-x86.msu
For Microsoft .NET Framework 4.5.2 when installed on all supported 32-bit editions of Windows Vista:
NDP45-KB3142033-x86.exe
For Microsoft .NET Framework 4.6 when installed on all supported 32-bit editions of Windows Vista:
NDP46-KB3142037-x86.exe
For Microsoft .NET Framework 2.0 Service Pack 2 on all supported x64-based editions of Windows Vista:
Windows6.0-KB3142023-x64.msu
For Microsoft .NET Framework 4.5.2 when installed on all supported x64-based editions of Windows Vista:
NDP45-KB3142033-x64.exe
For Microsoft .NET Framework 4.6 when installed on all supported x64-based editions of Windows Vista:
NDP46-KB3142037-x64.exe
Installation switchesFor Microsoft .NET Framework, see Microsoft Knowledge Base Article 2844699
Update log fileFor Microsoft .NET Framework 2.0 Service Pack 2:
Not applicable
For Microsoft .NET Framework 4.5.2:
KB3142033_*_*-Microsoft .NET Framework [.NET target version]-MSP0.txt
KB3142033_*_*.html
For Microsoft .NET Framework 4.6:
KB3142037_*_*-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt
KB3142037_*_*.html
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationClick Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File informationSee the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.
Registry key verificationFor Microsoft .NET Framework 2.0 Service Pack 2 (3142023):
A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.
For Microsoft .NET Framework 4.5.2:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework [.NET target version]\KB3142033
”ThisVersionInstalled” = “Y”
For Microsoft .NET Framework 4.6:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6\KB3142037
"ThisVersionInstalled" = "Y"

Windows Server 2008 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2:
Windows6.0-KB3142023-x86.msu
For Microsoft .NET Framework 4.5.2 when installed on all supported 32-bit editions of Windows Server 2008 Service Pack 2:
NDP45-KB3142033-x86.exe
For Microsoft .NET Framework 4.6 when installed on all supported 32-bit editions of Windows Server 2008 Service Pack 2:
NDP46-KB3142037-x86.exe
For Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2:
Windows6.0-KB3142023-x64.msu
For Microsoft .NET Framework 4.5.2 on all supported x64-based editions of Windows Server 2008 Service Pack 2:
NDP45-KB3142033-x64.exe
For Microsoft .NET Framework 4.6 on all supported x64-based editions of Windows Server 2008 Service Pack 2:
NDP46-KB3142037-x64.exe
For Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-based Systems Service Pack 2:
Windows6.0-KB3142023-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 2844699
Update log fileFor Microsoft .NET Framework 2.0 Service Pack 2:
Not applicable
For Microsoft .NET Framework 4.5.2:
KB3142033_*_*-Microsoft .NET Framework [.NET target version]-MSP0.txt
KB3142033_*_*.html
For Microsoft .NET Framework 4.6:
KB3142037_*_*-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt
KB3142037_*_*.html
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationClick Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File informationSee the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.
Registry key verificationFor Microsoft .NET Framework 2.0 Service Pack 2 (3142023):
A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.
For Microsoft .NET Framework 4.5.2:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework [.NET target version]\KB3142033
”ThisVersionInstalled” = “Y”
For Microsoft .NET Framework 4.6:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6\KB3142037
"ThisVersionInstalled" = "Y"

Windows 7 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor Microsoft .NET Framework 3.5.1 on all supported 32-bit editions of Windows 7 Service Pack 1:
Windows6.1-KB3142024-x86.msu
For Microsoft .NET Framework 4.5.2 when installed on all supported 32-bit editions of Windows 7 Service Pack 1:
NDP45-KB3142033-x86.exe
For Microsoft .NET Framework 4.6/4.6.1 when installed on all supported 32-bit editions of Windows 7 Service Pack 1:
NDP46-KB3142037-x86.exe
For Microsoft .NET Framework 3.5.1 on all supported x64-based editions of Windows 7 Service Pack 1:
Windows6.1-KB3142024-x64.msu
For Microsoft .NET Framework 4.5.2 when installed on all supported x64-based editions of Windows 7 Service Pack 1:
NDP45-KB3142033-x64.exe
For Microsoft .NET Framework 4.6/4.6.1 when installed on all supported x64-based editions of Windows 7 Service Pack 1:
NDP46-KB3142037-x64.exe
Installation switchesSee Microsoft Knowledge Base Article 2844699
Update log fileFor Microsoft .NET Framework 3.5.1:
Not applicable.
For Microsoft .NET Framework 4.5.2:
KB3142033_*_*-Microsoft .NET Framework [.NET target version]-MSP0.txt
KB3142033_*_*.html
For Microsoft .NET Framework 4.6/4.6.1:
KB3142037_*_*-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt
KB3142037_*_*.html
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationClick Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File informationSee the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.
Registry key verificationA registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.
For Microsoft .NET Framework 4.5.2:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework [.NET target version]\KB3142033
”ThisVersionInstalled” = “Y”
For Microsoft .NET Framework 4.6/4.6.1:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6\KB3142037
"ThisVersionInstalled" = "Y"

Windows Server 2008 R2 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor Microsoft .NET Framework 3.5.1 on all supported x64-based editions of Windows Server 2008 R2 Service Pack 1:
Windows6.1-KB3142024-x64.msu
For Microsoft .NET Framework 4.5.2 when installed on all supported x64-based editions of Windows Server 2008 R2 Service Pack 1:
NDP45-KB3142033-x64.exe
For Microsoft .NET Framework 4.6/4.6.1 when installed on all supported 32-bit editions of Windows 7 Service Pack 1:
NDP46-KB3142037-x64.exe
For Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:
Windows6.1-KB3142024-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 2844699
Update log fileFor Microsoft .NET Framework 3.5.1:
Not applicable
For Microsoft .NET Framework 4.5.2:
KB3142033_*_*-Microsoft .NET Framework [.NET target version]-MSP0.txt
KB3142033_*_*.html
For Microsoft .NET Framework 4.6/4.6.1:
KB3142037_*_*-Microsoft .NET Framework 4.6/4.6.1-MSP0.txt
KB3142037_*_*.html
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationClick Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File informationSee the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.
Registry key verificationFor Microsoft .NET Framework 3.5.1:
A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.
For Microsoft .NET Framework 4.5.2:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework [.NET target version]\KB3142033
”ThisVersionInstalled” = “Y”
For Microsoft .NET Framework 4.6/4.6.1:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.6\KB3142037
"ThisVersionInstalled" = "Y"

Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit Systems:
Windows8.1-KB3142026-x86.msu
For Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit Systems:
Windows8.1-KB3142030-x86.msu
For Microsoft .NET Framework 4.6/4.6.1 on Windows 8.1 for 32-bit Systems:
Windows8.1-KB3142036-x86.msu
For Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based Systems:
Windows8.1-KB3142026-x64.msu
For Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based Systems:
Windows8.1-KB3142030-x64.msu
For Microsoft .NET Framework 4.6/4.6.1 on Windows 8.1 for x64-based Systems:
Windows8.1-KB3142036-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 2844699
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationClick Control Panel, click System and Security, and then under Windows Update, click View update history and select from the list of updates.
File informationSee the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.
Registry key verificationRegistry keys do not exist to validate the presence of these updates. Use WMI to detect for the presence of these updates.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor Microsoft .NET Framework 3.5 on Windows Server 2012:
Windows8-RT-KB3142025-x64.msu
For Microsoft .NET Framework 4.5.2 on Windows Server 2012:
Windows8-RT-KB3142032-x64.msu
For Microsoft .NET Framework 4.6/4.6.1 on Windows Server 2012:
Windows8-RT-KB3142035-x64.msu
For Microsoft .NET Framework 3.5 on Windows Server 2012 R2:
Windows8.1-KB3142026-x64.msu
For Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2:
Windows8.1-KB3142030-x64.msu
For Microsoft .NET Framework 4.6/4.6.1 on Windows Server 2012 R2:
Windows8.1-KB3142036-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 2844699
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationClick Control Panel, click System and Security, and then under Windows Update, click View update history and select from the list of updates.
File informationSee the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.
Registry key verificationRegistry keys do not exist to validate the presence of these updates. Use WMI to detect for the presence of these updates.

Windows RT 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
DeploymentThe 3142030 update is available via Windows Update only.
The 3142036 update is available via Windows Update only.
Restart RequirementA system restart is required after applying this security update.
Removal InformationClick Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File InformationSee the individual Knowledge Base articles that are listed in the “Additional information about this security update” section.

Windows 10 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 10:
Windows10.0-KB3156387-x86.msu
For all supported x64-based editions of Windows 10:
Windows10.0-KB3156387-x64.msu
For all supported 32-bit editions of Windows 10 Version 1511:
Windows10.0-KB3156421-x86.msu
For all supported x64-based editions of Windows 10 Version 1511:
Windows10.0-KB3156421-x64.msu
Installation switchesFor Microsoft .NET Framework, see Microsoft Knowledge Base Article 2844699
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3156387
See Microsoft Knowledge Base Article 3156421
Registry key verificationRegistry keys do not exist to validate the presence of these updates.

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Applies to

This article applies to the following:
  • Microsoft .NET Framework 4.6.1 when used with:
    • Windows Server 2012 R2
    • Windows 8.1
    • Windows RT 8.1
    • Windows Server 2012
    • Windows Server 2008 R2 Service Pack 1
    • Windows 7 Service Pack 1
  • Microsoft .NET Framework 4.6 when used with:
    • Windows Server 2012 R2
    • Windows 8.1
    • Windows RT 8.1
    • Windows Server 2012
    • Windows Server 2008 R2 Service Pack 1
    • Windows 7 Service Pack 1
    • Windows Server 2008 Service Pack 2
    • Windows Vista Service Pack 2
  • Microsoft .NET Framework 4.5.2 when used with:
    • Windows Server 2012 R2
    • Windows 8.1
    • Windows RT 8.1
    • Windows Server 2012
    • Windows Server 2008 R2 Service Pack 1
    • Windows 7 Service Pack 1
    • Windows Server 2008 Service Pack 2
    • Windows Vista Service Pack 2
  • Microsoft .NET Framework 3.5.1 when used with:
    • Windows Server 2008 R2 Service Pack 1
    • Windows 7 Service Pack 1
  • Microsoft .NET Framework 3.5 when used with:
    • Windows Server 2012 R2
    • Windows 8.1
    • Windows Server 2012
  • Microsoft .NET Framework 2.0 Service Pack 2 when used with:
    • Windows Server 2008 Service Pack 2
    • Windows Vista Service Pack 2
    • Windows Server 2003 Service Pack 2
Properties

Article ID: 3156757 - Last Review: 05/19/2016 19:08:00 - Revision: 2.0

Microsoft .NET Framework 4.6.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 2.0 Service Pack 2

  • kbsecvulnerability kbsecurity kbsecbulletin kbfix kbexpertiseinter kbbug atdownload KB3156757
Feedback