Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Summary

This article describes a hotfix package for the PDBCopy tool (pdbcopy.exe). The hotfix contains a tool that scans and updates PDB files for the PDB security issue that is described in CVE-2018-1037. For more information, see the "Issues that are fixed in this hotfix" section.

Notes

  • This vulnerability mainly affects PDBs that are created by using Visual Studio 2015 and Visual Studio 2017.

  • This vulnerability affects only PDBs that have been updated after they were created.

  • This tool is needed only by developers who share PDB files publicly.

Issues that are fixed in this hotfix

This hotfix addresses the PDB security issue that is described in CVE-2018-1037, in which a PDB file may contain uninitialized heap content when it is modified by a process that updates an existing PDB file, such as Mspdbsrv.exe.

Use PDBCopy tool to scan and update existing PDB files

The PDBCopy tool that is contained in this hotfix scans PDB files for the security issue that is described in CVE-2018-1037. It can also report the affected memory block and update any PDB file to remove improperly disclosed memory within the PDB file.

This tool is provided as an alternative to regenerating PDB files that have a hotfixed version of Visual Studio. It does not change the internal timestamps in the PDB files. This tool works for PDBs that are generated by using any version of Visual Studio.

Usage: PDBCOPY.exe <target.pdb> <backup.pdb> -CVE-2018-1037 {[verbose|autofix]}

Arguments

  • target.pdb: The file name of the PDB file to update.

  • backup.pdb: The name to use for a backup copy of the PDB file.

  • -CVE-2018-1037: This switch causes the tool to report on whether the PDB file is affected by the issue, and optional arguments can report the affected memory block and update the existing PDB file in place to remove the disclosed memory. This switch is exclusive from other PDBCopy switches and takes two optional arguments:

    • verbose: Dumps the memory block from the original PDB file that is removed by the switch.

    • autofix: Updates and zero-fills the affected memory block in the PDB file.

Remarks

PDBCopy.exe updates target.pdb in-place. The tool requires a valid file name for a backup PDB. The backup PDB is created only when the target.pdb file requires updating. Please thoroughly test the fixed PDB before you delete the backup PDB.

Examples

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037

    Reports whether target.pdb is affected by CVE 2018-1037.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 verbose

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, displays the uninitialized memory that is written in target.pdb.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 autofix

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, zero fills the uninitialized memory that is written in target.pdb.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 verbose autofix

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, displays the uninitialized memory that is written in target.pdb and zero fills the uninitialized memory that is written in target.pdb.

  • pdbcopy.exe target.pdb backup.pdb -CVE-2018-1037 autofix verbose

    Reports whether target.pdb is affected by CVE 2018-1037 and, if so, displays the uninitialized memory that is written in target.pdb and zero fills the uninitialized memory that is written in target.pdb.

How to obtain this hotfix

The following files are available for download.

Architecture

Link

x64

PDBCopy.exe

x86

PDBCopy.exe


For more information about how to download Microsoft support files, go to the following article in the Microsoft Knowledge Base:

119591How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

More information

Prerequisites

This hotfix will install and run on the following operating systems:

  • Windows 10 Version 1507 and later versions: Home, Professional, Education, and Enterprise (LTSB and S are not supported)

  • Windows Server 2016: Standard and Datacenter

  • Windows 8.1 (with Update KB 2919355): Core, Professional, and Enterprise

  • Windows Server 2012 R2 (with Update KB 2919355): Essentials, Standard, and Datacenter

  • Windows 7 SP1 (with latest Windows Updates): Home Premium, Professional, Enterprise, and Ultimate

Restart requirement

This hotfix does not require a system restart.

Hotfix replacement information

This hotfix does not replace other hotfixes.

 

File Information

File hash information

File name

SHA1 hash

SHA256 hash

pdbcopy.exe (for x64)

DE41225B30A79E266F16B5707D0E70C0535DF451

A2885579DDAC6A1E53B4BA762B539054BB53332A18ED2A7DE1600323BB009FC0

pdbcopy.exe (for x86)

7817E670DB6213C034EE8007C0AE21B6A5E20024

C62C6A49238DE83FC696BF08BC78EA58E50ECC8CCA73BD1E6E59A95653323184
Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×