Notice

Starting on March 10, 2020, Microsoft Update is now offering this security update to additional versions of the Windows OS.

Summary

An information disclosure vulnerability exists if Visual Studio incorrectly discloses the contents of its memory. An attacker who exploits the vulnerability could view uninitialized memory from the computer that is used to compile a program database file.

To learn more about the vulnerability, see CVE-2018-1037.

How to obtain and install the update

Method 1: Microsoft Download

The following file is available for download:

Download Download the hotfix package now.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

More information

Prerequisites

To apply this security update, you must have Visual Studio 2013 Update 5 installed.

Restart requirement

You may have to restart the computer after you apply this security update if an instance of Visual Studio is being used.

Security update replacement information

This security update doesn't replace other security updates.

Issues that are fixed in this security update

This hotfix addresses the PDB security issue described in CVE-2018-1037, in which PDB files may contain uninitialized heap content in a process that updates an existing PDB file, like mspdbsrv.exe. We strongly recommend that you use the updated PDBCopy tool to check every existing PDB that you intend to share or distribute.

 

How to obtain help and support for this security update

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure
Local support according to your country: International Support

File information

File hash information

File name

SHA1 hash

SHA256 hash

VS12-KB4089283.exe

E71CD96A75B25B84A20888277B41A0ED4550ECEB

143ED55085C46F421750917AC368CCF15099CAF9FE77EEB83EE4BC0D47A8DF2B

ヘルプを表示

スキルを磨く
トレーニングの探索
新機能を最初に入手
Microsoft Insider に参加する

この情報は役に立ちましたか?

どのような要因がお客様の操作性に影響しましたか?

フィードバックをお送りいただきありがとうございます!

×