You are currently offline, waiting for your internet to reconnect

MS09-061: Description of the security update for the Microsoft .NET Framework 2.0 Service Pack 2 and the Microsoft .NET Framework 3.5 Service Pack 1: October 13, 2009

INTRODUCTION
Microsoft has released security bulletin MS09-061. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

MORE INFORMATION

Prerequisites to install this security update

To install this security update, you must have Windows Installer 3.1 or a later version installed on the computer. To obtain the latest version of Windows Installer for the computer, visit the following Microsoft Web site:

Restart requirements

This hotfix does not require a system restart, but it will cause a restart of all Internet Information Services-related services including the IISADMIN, W3SVC, FTP and SMTP services. This is because the base product MSI for the .NET Framework 2.0 includes instructions for restarting these services. Therefore, every update to the product will execute these instructions.

Update removal information

After you install this update, you can uninstall it by using the Add or Remove Programs item in Control Panel.

Command-line switches for this update

You can find information about the various command-line switches that this update supports in security bulletin MS09-061 and on the following MSDN Web site: For more information about Windows Installer, visit the following MSDN Web site:

Known issues

For more information about installation issues with this update, click the following article numbers to view the articles in the Microsoft Knowledge Base:
923100 When you try to install an update for the .NET Framework 1.0, 1.1, 2.0, 3.0, or 3.5, you may receive Windows Update error code "0x643" or Windows Installer error code "1603"
923101 Error message when you try to install a security update for the .NET Framework 2.0 on a computer that is running Windows Server 2003 x64 Edition: "Error 1324. The folder 'Program Files' contains an invalid character"
FILE INFORMATION
The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

General Distribution Releases (GDR)

For Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 on 32-bit systems

File nameFile versionFile sizeDateTime
mscordacwks.dll2.0.50727.3603989,01608-Aug-200906:51
mscorlib.dll2.0.50727.36034,546,56008-Aug-200906:51
mscorwks.dll2.0.50727.36035,812,56008-Aug-200906:51

For Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 on x64-based systems

File nameFile versionFile sizeDateTime
mscordacwks.dll2.0.50727.36031,764,68008-Aug-200901:38
mscordacwks.dll2.0.50727.3603989,01608-Aug-200906:51
mscorlib.dll2.0.50727.36034,562,94408-Aug-200901:34
mscorlib.dll2.0.50727.36034,546,56008-Aug-200906:51
mscorwks.dll2.0.50727.360310,075,96808-Aug-200901:37
mscorwks.dll2.0.50727.36035,812,56008-Aug-200906:51

For Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 on Itanium-based systems

File nameFile versionFile sizeDateTime
mscordacwks.dll2.0.50727.36033,084,63208-Aug-200903:25
mscordacwks.dll2.0.50727.3603989,01608-Aug-200906:51
mscorlib.dll2.0.50727.36034,005,88808-Aug-200903:24
mscorlib.dll2.0.50727.36034,546,56008-Aug-200906:51
mscorwks.dll2.0.50727.360320,151,12008-Aug-200903:21
mscorwks.dll2.0.50727.36035,812,56008-Aug-200906:51

Limited Distribution Releases (LDR)

For Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 on 32-bit systems

File nameFile versionFile sizeDateTime
mscordacwks.dll2.0.50727.4062989,52807-Aug-200911:40
mscorlib.dll2.0.50727.40624,550,65607-Aug-200911:40
SOS.dll2.0.50727.4062388,92007-Aug-200911:40
mscorwks.dll2.0.50727.40625,818,70407-Aug-200911:40

For Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 on x64-based systems

File nameFile versionFile sizeDateTime
mscordacwks.dll2.0.50727.40621,758,55207-Aug-200908:10
mscordacwks.dll2.0.50727.4062989,52807-Aug-200911:40
mscorlib.dll2.0.50727.40624,567,04007-Aug-200908:05
mscorlib.dll2.0.50727.40624,550,65607-Aug-200911:40
SOS.dll2.0.50727.4062485,19207-Aug-200908:06
SOS.dll2.0.50727.4062388,92007-Aug-200911:40
mscorwks.dll2.0.50727.406210,062,16007-Aug-200908:08
mscorwks.dll2.0.50727.40625,818,70407-Aug-200911:40

For Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 on Itanium-based systems

File nameFile versionFile sizeDateTime
mscordacwks.dll2.0.50727.40623,085,12807-Aug-200907:35
mscordacwks.dll2.0.50727.4062989,52807-Aug-200911:40
mscorlib.dll2.0.50727.40624,009,98407-Aug-200907:34
mscorlib.dll2.0.50727.40624,550,65607-Aug-200911:40
SOS.dll2.0.50727.4062872,76007-Aug-200907:33
SOS.dll2.0.50727.4062388,92007-Aug-200911:40
mscorwks.dll2.0.50727.406220,172,60807-Aug-200907:31
mscorwks.dll2.0.50727.40625,818,70407-Aug-200911:40
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000
Properties

Article ID: 974417 - Last Review: 05/08/2012 22:00:00 - Revision: 5.0

Microsoft .NET Framework 3.5 Service Pack 1, Microsoft .NET Framework 2.0 Service Pack 2

  • kbexpertiseinter kbsecvulnerability kbsecurity kbsecbulletin KB974417
Feedback