Applies to:

Microsoft .NET Framework 3.5

Summary

An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations. An attacker who successfully exploited this vulnerability could write files to folders that require higher privileges than what the attacker already has.

To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE).

Important

  • As a reminder to advanced IT administrators, updates to .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2 should only be applied on systems where .NET Framework 3.5 is present and enabled. Customers who attempt to pre-install updates to .NET Framework 3.5 to offline images that do not contain the .NET Framework 3.5 product enabled will expose these systems to failures to enable .NET Framework 3.5 after the systems are online. For more extensive information about deploying .NET Framework 3.5, see Microsoft .NET Framework 3.5 Deployment Considerations.

  • All updates for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 require that update KB 2919355 is installed. We recommend that you install update KB 2919355 on your Windows 8.1-based, Windows RT 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Additional information about this update

The following articles contain additional information about this update as it relates to individual product versions.

  • 4514599 Description of the Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 (KB4514599)

How to obtain and install the update

Method 1: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 2: Windows Software Update Services (WSUS)

On your WSUS server, follow these steps:

  1. Select Start, select Administrative Tools, and then select Microsoft Windows Server Update Services 3.0.

  2. Expand ComputerName, and then select Action.

  3. Select Import Updates.

  4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.

  5. After the ActiveX control is installed, you see the Microsoft Update Catalog screen. Type 4514599 into the Search box, and then select Search.

  6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Select Add to add them to your basket.

  7. After you select all the packages that you require, select View Basket.

  8. To import the packages to your WSUS server, select Import.

  9. After the packages are imported, select Close to return to WSUS.

The updates are now available for installation through WSUS.

Update deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

20190910 Security update deployment information: September 10, 2019

Update removal information

Note We do not recommend that you remove any security update. To remove this update, use the Programs and Features item in Control Panel.

Update restart information

This update does not require a system restart after you apply it unless files that are being updated are locked or are being used.


File information
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.

Windows 8.1 and Windows Server 2012 R2 file information

Note: The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

File information

File hash information

File name

SHA1 hash

SHA256 hash

Windows8.1-KB4514350-x64.msu

2C4B69D77F417989D83BD2EB0A2129A951E25DFA

8DEEFEDB6C868A7D0C06F8D23037B1D42B6194D4D6EEAE767B62EA34F833E38C

Windows8.1-KB4514350-x86.msu

F798AF87DDC45686D9FF72495D7F709B19282F46

A035BD617C258B8A1FF76079ECBF33C369A41E7AF4F3585C14F0FE1D75D2101A

For all supported x64-based versions

File name

File version

File size

Date

Time

Platform

Big5.nlp

Not applicable

66,728

23-Sep-2018

13:28

Not applicable

Bopomofo.nlp

Not applicable

82,172

23-Sep-2018

13:28

Not applicable

Ksc.nlp

Not applicable

116,756

23-Sep-2018

13:28

Not applicable

Mscorlib.dll

2.0.50727.8810

4,575,232

27-Jul-2019

13:13

x64

Normidna.nlp

Not applicable

59,342

23-Sep-2018

13:29

Not applicable

Normnfc.nlp

Not applicable

45,794

23-Sep-2018

13:29

Not applicable

Normnfd.nlp

Not applicable

39,284

23-Sep-2018

13:29

Not applicable

Normnfkc.nlp

Not applicable

66,384

23-Sep-2018

13:29

Not applicable

Normnfkd.nlp

Not applicable

60,294

23-Sep-2018

13:29

Not applicable

Prc.nlp

Not applicable

83,748

23-Sep-2018

13:29

Not applicable

Prcp.nlp

Not applicable

83,748

23-Sep-2018

13:29

Not applicable

Sortkey.nlp

Not applicable

262,148

23-Sep-2018

13:29

Not applicable

Sorttbls.nlp

Not applicable

20,320

23-Sep-2018

13:29

Not applicable

Xjis.nlp

Not applicable

28,288

23-Sep-2018

13:29

Not applicable

Mscordacwks.dll

2.0.50727.8810

1,758,080

27-Jul-2019

13:13

x64

Mscorwks.dll

2.0.50727.8810

10,011,520

27-Jul-2019

13:13

x64

Sos.dll

2.0.50727.8810

486,784

27-Jul-2019

13:13

x64

Big5.nlp

Not applicable

66,728

26-Oct-2017

16:06

Not applicable

Bopomofo.nlp

Not applicable

82,172

26-Oct-2017

16:06

Not applicable

Ksc.nlp

Not applicable

116,756

26-Oct-2017

16:06

Not applicable

Mscorlib.dll

2.0.50727.8810

4,558,848

27-Jul-2019

13:11

x86

Normidna.nlp

Not applicable

59,342

26-Oct-2017

16:06

Not applicable

Normnfc.nlp

Not applicable

45,794

26-Oct-2017

16:06

Not applicable

Normnfd.nlp

Not applicable

39,284

26-Oct-2017

16:06

Not applicable

Normnfkc.nlp

Not applicable

66,384

26-Oct-2017

16:06

Not applicable

Normnfkd.nlp

Not applicable

60,294

26-Oct-2017

16:06

Not applicable

Prc.nlp

Not applicable

83,748

26-Oct-2017

16:06

Not applicable

Prcp.nlp

Not applicable

83,748

26-Oct-2017

16:06

Not applicable

Sortkey.nlp

Not applicable

262,148

26-Oct-2017

16:06

Not applicable

Sorttbls.nlp

Not applicable

20,320

26-Oct-2017

16:06

Not applicable

Xjis.nlp

Not applicable

28,288

26-Oct-2017

16:06

Not applicable

Mscordacwks.dll

2.0.50727.8810

991,104

27-Jul-2019

13:11

x86

Mscorwks.dll

2.0.50727.8810

5,949,832

27-Jul-2019

13:11

x86

Sos.dll

2.0.50727.8810

390,536

27-Jul-2019

13:11

x86

For all supported x86-based versions

File name

File version

File size

Date

Time

Platform

Big5.nlp

Not applicable

66,728

26-Oct-2017

16:06

Not applicable

Bopomofo.nlp

Not applicable

82,172

26-Oct-2017

16:06

Not applicable

Ksc.nlp

Not applicable

116,756

26-Oct-2017

16:06

Not applicable

Mscorlib.dll

2.0.50727.8810

4,558,848

27-Jul-2019

13:11

x86

Normidna.nlp

Not applicable

59,342

26-Oct-2017

16:06

Not applicable

Normnfc.nlp

Not applicable

45,794

26-Oct-2017

16:06

Not applicable

Normnfd.nlp

Not applicable

39,284

26-Oct-2017

16:06

Not applicable

Normnfkc.nlp

Not applicable

66,384

26-Oct-2017

16:06

Not applicable

Normnfkd.nlp

Not applicable

60,294

26-Oct-2017

16:06

Not applicable

Prc.nlp

Not applicable

83,748

26-Oct-2017

16:06

Not applicable

Prcp.nlp

Not applicable

83,748

26-Oct-2017

16:06

Not applicable

Sortkey.nlp

Not applicable

262,148

26-Oct-2017

16:06

Not applicable

Sorttbls.nlp

Not applicable

20,320

26-Oct-2017

16:06

Not applicable

Xjis.nlp

Not applicable

28,288

26-Oct-2017

16:06

Not applicable

Mscordacwks.dll

2.0.50727.8810

991,104

27-Jul-2019

13:11

x86

Mscorwks.dll

2.0.50727.8810

5,949,832

27-Jul-2019

13:11

x86

Sos.dll

2.0.50727.8810

390,536

27-Jul-2019

13:11

x86

Information about protection and security

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×