The updates are now available for installation through WSUS. Update deployment information. For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

View products that this article applies to. Introduction. This August 2017 Update for Windows Server 2008 Service Pack 2 (SP2), Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1 includes cumulative reliability improvements in the .NET Framework 4.5.2.

A vulnerability in certain .NET Framework APIs that parse URLs. An attacker who successfully exploits this vulnerability could use it to bypass security logic that's intended to make sure that a user-provided URL belonged to a specific host name or a subdomain of that host name.

The updates are now available for installation through WSUS. Update deployment information. For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

IMPORTANT Some customers who use Windows Server 2008 R2 SP1 and have activated their ESU multiple activation key (MAK) add-on before installing the January 14, 2020 updates might need to re-activate their key. Re-activation on the affected devices should only be required once. For information on activation, see this blog post.

Resolves a vulnerability in the Microsoft .NET Framework that could allow remote code execution when the .NET Framework fails to properly validate input before loading libraries. An attacker who successfully exploits this vulnerability could take control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Notice. This update is included in the February 2018 Preview of the Quality Rollups for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1 and February 2018 Preview of the Quality Rollups for .NET Framework 2.0, 3.0, 4.5.2, and 4.6 Windows Server 2008 SP2 ().Parts of this update were previously included in the Security and Quality rollup (KB ...

Summary. This security update resolves a vulnerability in Microsoft .NET Framework that could allow remote code execution when Microsoft .NET Framework doesn't validate input correctly.

How to obtain and install the update Method 1: Windows Update. This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically.

File information. The English (United States) version of this update installs files that have the attributes that are listed in the following tables.