You are currently offline, waiting for your internet to reconnect

MS10-060: Description of the security update for the .NET Framework 3.5 on Windows Server 2003 and Windows XP: August 10, 2010

Microsoft has released security bulletin MS10-060. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support


Download information

The following file is available for download from the Microsoft Download Center:

DownloadDownload the Microsoft .NET Framework 3.5 security update package now.

Release Date: August 10, 2010

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.


To install this update, you must have Windows Installer 3.1 or a later version installed on the computer. To obtain the latest version of Windows Installer for the computer, visit the following website:

Known issues and additional information about this security update

For more information about installation issues with Microsoft .NET Framework 3.5, click the following article numbers to view the article in the Microsoft Knowledge Base:
923100 When you try to install an update for the .NET Framework 1.0, 1.1, 2.0, 3.0, or 3.5, you may receive Windows Update error code "0x643" or Windows Installer error code "1603"

923101 Error message when you try to install a security update for the .NET Framework 2.0 on a computer that is running Windows Server 2003 x64 Edition: "Error 1324. The folder 'Program Files' contains an invalid character"

2197148 A known issue with the Microsoft .NET Framework 2.0 Service Pack 1 updates and the Microsoft .NET Framework 3.5 updates

2260913 Files in use or file locks can result in Framework Assembly files being deleted

2263996 Patching of Microsoft Framework can fail with Access is denied or File in Use error

Command-line switches for this update

Information about the various command line switches that are supported by this update can be found on the following Microsoft MSDN website:
For more information about Windows Installer, visit the following Microsoft MSDN website:

Restart requirement

You do not have to restart the computer after you apply this update if the affected files are not being used.

Update removal information

To remove this update, use the Add or Remove Programs item in Control Panel.

Update replacement information

This replaces the following Microsoft .NET Framework 3.5 security update:
953300 MS09-061: Description of the security update for the Microsoft .NET Framework 2.0 Service Pack 1 and the Microsoft .NET Framework 3.5 on Windows 2000, Windows XP, and Windows Server 2003: October 13, 2009
The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

For Windows XP Service Pack 3 and for Windows Server 2003 Service Pack 2, 32-bit Editions

File nameFile versionFile sizeDateTime

For Windows Server 2003 Service Pack 2, 64-bit Edition

File nameFile versionFile sizeDateTime

For Windows Server 2003 Service Pack 2, Itanium-based Editions

File nameFile versionFile sizeDateTime
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE

Article ID: 983582 - Last Review: 05/08/2012 22:56:00 - Revision: 5.0

Microsoft .NET Framework 3.5, ,

  • kbsecadvisory kbsecbulletin kbsecurity kbsecvulnerability kbsurveynew kbfix kbbug kbqfe kbexpertiseinter KB983582