You are currently offline, waiting for your internet to reconnect

MS08-046: Vulnerabilities in Microsoft Windows Image Color Management could allow remote code execution

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

INTRODUCTION
Microsoft has released security bulletin MS08-046. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

File information

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

For all supported editions of Windows 2000

File nameFile versionFile sizeDateTimePlatform
Mscms.dll5.0.2195.716269,90425-Jun-200822:21x86

Windows XP and Windows Server 2003 file information notes

  • The files that apply to a specific milestone (RTM, SPn) and service branch (QFE, GDR) are noted in the SP requirement and Service branch columns.
  • GDR service branches contain only fixes that are broadly released to address widespread, critical issues. QFE service branches contain hotfixes in addition to broadly released fixes.
  • In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (Microsoft Knowledge Base article number.cat) that is signed by using a Microsoft digital signature.
For all supported 32-bit editions of Windows XP
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Mscms.dll5.1.2600.339674,24024-Jun-200816:23x86SP2SP2GDR
Mscms.dll5.1.2600.339674,24024-Jun-200816:28x86SP2SP2QFE
Mscms.dll5.1.2600.562774,24024-Jun-200816:43x86SP3SP3GDR
Mscms.dll5.1.2600.562774,24024-Jun-200816:53x86SP3SP3QFE
For all supported x64-based editions of Windows XP and all supported x64-based editions of Windows Server 2003
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Mscms.dll5.2.3790.3163154,11226-Jun-200801:18x64SP1SP1GDR
Wmscms.dll5.2.3790.316375,26426-Jun-200801:18x86SP1SP1GDR\WOW
Mscms.dll5.2.3790.3163154,11226-Jun-200801:18x64SP1SP1QFE
Wmscms.dll5.2.3790.316375,26426-Jun-200801:18x86SP1SP1QFE\WOW
Mscms.dll5.2.3790.4320174,59226-Jun-200801:29x64SP2SP2GDR
Wmscms.dll5.2.3790.432077,82426-Jun-200801:29x86SP2SP2GDR\WOW
Mscms.dll5.2.3790.4320174,59226-Jun-200801:18x64SP2SP2QFE
Wmscms.dll5.2.3790.432077,82426-Jun-200801:18x86SP2SP2QFE\WOW
For all supported 32-bit editions of Windows Server 2003
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Mscms.dll5.2.3790.316375,26425-Jun-200814:24x86SP1SP1GDR
Mscms.dll5.2.3790.316375,26425-Jun-200814:30x86SP1SP1QFE
Mscms.dll5.2.3790.432077,82425-Jun-200813:53x86SP2SP2GDR
Mscms.dll5.2.3790.432077,82425-Jun-200814:43x86SP2SP2QFE
For all supported Itanium-based editions of Windows Server 2003
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Mscms.dll5.2.3790.3163228,86426-Jun-200801:17IA-64SP1SP1GDR
Wmscms.dll5.2.3790.316375,26426-Jun-200801:17x86SP1SP1GDR\WOW
Mscms.dll5.2.3790.3163228,86426-Jun-200801:17IA-64SP1SP1QFE
Wmscms.dll5.2.3790.316375,26426-Jun-200801:17x86SP1SP1QFE\WOW
Mscms.dll5.2.3790.4320220,67226-Jun-200801:18IA-64SP2SP2GDR
Wmscms.dll5.2.3790.432077,82426-Jun-200801:19x86SP2SP2GDR\WOW
Mscms.dll5.2.3790.4320220,67226-Jun-200801:17IA-64SP2SP2QFE
Wmscms.dll5.2.3790.432077,82426-Jun-200801:17x86SP2SP2QFE\WOW
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000
Properties

Article ID: 952954 - Last Review: 05/09/2012 17:41:00 - Revision: 4.0

Microsoft Windows Server 2003 R2 Standard x64 Edition, Microsoft Windows Server 2003, Datacenter x64 Edition, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows Server 2003, Datacenter Edition (32-bit x86), Microsoft Windows XP Media Center Edition 2005, Microsoft Windows XP Professional x64 Edition, Microsoft Windows XP Service Pack 3, Microsoft Small Business Server 2000 Standard Edition

  • kbfix kbbug kbsecvulnerability kbsecbulletin kbsecurity kbqfe kbexpertisebeginner KB952954
Feedback
var varAutoFirePV = 1; var varClickTracking = 1; var varCustomerTracking = 1; var Route = "76500"; var Ctrl = ""; document.write("