Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


View products that this article applies to.

Introduction

This security update resolves the following:

  • The vulnerabilities that could allow remote code execution if an attacker sends a specially crafted URL request that contains international characters to a Microsoft .NET web application.

  • The vulnerabilities that could allow elevation of privilege by improving how Microsoft .NET Framework communicates with the ClickOnce installer process.

  • A security feature bypass vulnerability that could let an attacker bypass the Address Space Layout Randomization (ASLR) security feature. An attacker could use this ASLR bypass vulnerability together with another vulnerability, such as a remote code execution vulnerability, to take advantage of the ASLR bypass to run arbitrary code.


Summary

Microsoft has released security bulletin MS14-057. Learn more about how to obtain the fixes that are included in this security bulletin:

  • For individual, small business, and organizational users, use the Windows automatic updating feature to install the fixes from Microsoft Update. To do this, see Get security updates automatically on the Microsoft Safety and Security Center website.

  • For IT professionals, see Microsoft Security Bulletin MS14-057 on the Security TechCenter website.

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More Information

More information about this update

The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information to the individual updates such as a download URL, prerequisites, and command-line switches.

Microsoft .NET Framework 4.5, the .NET Framework 4.5.1, and the .NET Framework 4.5.2

  • 2979578 MS14-057: Description of the security update for the .NET Framework 4.5, the .NET Framework 4.5.1, and the .NET Framework 4.5.2 for Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows Server 2008 R2 SP1: October 14, 2014

  • 2972107 MS14-057: Description of the security update for the .NET Framework 4.5, the .NET Framework 4.5.1, and the .NET Framework 4.5.2 for Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows Server 2008 R2 SP1: October 14, 2014

  • 2979577 MS14-057: Description of the security update for the .NET Framework 4.5, the .NET Framework 4.5.1, and the .NET Framework 4.5.2 for Windows 8, Windows RT, and Windows Server 2012: October 14, 2014

  • 2978042 MS14-057: Description of the security update for the .NET Framework 4.5, the .NET Framework 4.5.1, and the .NET Framework 4.5.2 for Windows 8, Windows RT, and Windows Server 2012: October 14, 2014

  • 2979576 MS14-057: Description of the security update for the .NET Framework 4.5.1 and the .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: October 14,

  • 2978041 MS14-057: Description of the security update for the .NET Framework 4.5.1 and the .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: October 14, 2014

Microsoft .NET Framework 4

  • 2979575 MS14-057: Description of the security update for the .NET Framework 4 for Windows Server 2003 SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows Server 2008 R2 SP1: October 14, 2014

  • 2972106 MS14-057: Description of the security update for the .NET Framework 4 for Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows Server 2008 R2 SP1: October 14, 2014

Microsoft .NET Framework 3.5.1

  • 2979570 MS14-057: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: October 14, 2014

  • 2972100 MS14-057: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: October 14, 2014

  • 2968294 MS14-057: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: October 14, 2014

Microsoft .NET Framework 3.5

  • 2979573 MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: October 14, 2014

  • 2972103 MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: October 14, 2014

  • 2968296 MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: October 14, 2014

  • 2979571 MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8 and Windows Server 2012: October 14, 2014

  • 2972101 MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8 and Windows Server 2012: October 14, 2014

  • 2968295 MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8 and Windows Server 2012: October 14, 2014

Microsoft .NET Framework 2.0

  • 2979568 MS14-057: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: October 14, 2014

  • 2972098 MS14-057: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: October 14, 2014

  • 2979574 MS14-057: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Server 2003 Service Pack 2: October 14, 2014

  • 2972105 MS14-057: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Server 2003 Service Pack 2: October 14, 2014

  • 2968292 MS14-057: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: October 14, 2014

Update replacement information

Update replacement information for each specific update can be found in the Knowledge Base articles that correspond to this update.

File name

SHA1 hash

SHA256 hash

MSIPatchRegFix-AMD64.exe

5011CB29B096FB674A4795EE8FC2F7FDAD33863A

BA62C33DD90ECC3C945AE4F52EEEB2FA07D2C53FB975263B483D09D80F02230D

MSIPatchRegFix-IA64.exe

CB861EAF1F4CDFFAD5F83604C7250CD9EDD96433

61867793FC7556B79E5833CC18F493A5611EDE94E0D944575E89BAA76B223A0D

MSIPatchRegFix-X86.exe

94A84B80B8B45A1AC53A0E5D085513DA0F099655

C83C5EE1D4FBFF5260A7D984471EAF4C6004431C21B4F661018BDB92CC124290

NDP20SP2-KB2972105-IA64.exe

181FFB6B8C6EAD42B9BE36232FD3FA8FFCC7DC11

D2EBA1536AE701CE315C70591D0310FFC05272C3CFAC269A574EA4688BE52059

NDP20SP2-KB2972105-x64.exe

EA41D17C2AA2115FBE4A86122C2B04B0DF939018

A82AA5DFE1296282537A05043F9C4B965C4FA230EFEBE17ADFC229E0644AF2C5

NDP20SP2-KB2972105-x86.exe

9896D03074FE86CD49481DFC643FBA4D2060171C

E5B3B2CB9ADE9129545EB6875A18ACE5E8F6EF811FF610F804CBC6562F63FAEA

NDP20SP2-KB2979574-v2-IA64.exe

435C2F1A3867DC48572A92154E8784BD2C614C79

75ED560D6B5344BC8B1A1E8B2C5F8009D461A58B5A5A0C850B9CAEE257F71FEF

NDP20SP2-KB2979574-v2-x64.exe

6A79FF5E419B3FD11449945EF2D24389E0B4ADF8

FAB19F92DCDC38F4EF83DD2D263147A3F35BF75B007F83D216F694F7BBE6C3BD

NDP20SP2-KB2979574-v2-x86.exe

E9D7E292CFF96F768A99C2F2DBEBA9CA14784C70

D0E4B7A685E481D879D948F8C55783AD266ED4641C2355F3D515255C13C96FA6

NDP40-KB2972106-IA64.exe

7AB764B14D3F4B5E0093C970A761E59296C5F8A2

AFA5998D13A93A2807D18C283565D5C7A352CC1DE63FC069E8331E5DD21E0F9D

NDP40-KB2972106-x64.exe

4631DA8D6454B5680C0159B5254C15D54A8184E1

BD44D2CB053510E0CB0BC3BAAE97E34D06D241E4BFC6E03C974A4177E6E0C480

NDP40-KB2972106-x86.exe

D4DC74D00B867FE7E2913292341BF86633CB601B

100938ADC6DBCD34775AFA58BCDA0B93D83F6270E3F00D0A6CBEDC779533759D

NDP40-KB2979575-v2-IA64.exe

6FE17DD1B17066C83838B9C37816F50E923771D4

D016385E98986E973645D583102AA540B2ADB33DD0C5C50D5950D1BCDF58CFEA

NDP40-KB2979575-v2-x64.exe

DB55951BF20173742751FEDA19432BC2F96DC3EE

3D42B4902F95686C38748E9F17C587E3109C44BECF00DF36A7DE7199C9E28B2E

NDP40-KB2979575-v2-x86.exe

777DFD33ABB9A9DCFC3192CA910C58061C32D5B1

FEA33AE2A36485EB3E54A92375EA6BD357A808C0A5C165CD5914DD9BC7461843

NDP45-KB2972107-x64.exe

338BD55ED27B6897C6BCAA2A6EF9C57E77B95910

2327E0239CD26F22D71A697F9657333BB5B3503401C2B512308F6760AC670E01

NDP45-KB2972107-x86.exe

1FF2E8E02ED7FF97457A85EADDEA125BEAED428C

E47EA29BE134E5A27F621A717C16F97628215F6963F49DE8954EC3B247CB6450

NDP45-KB2979578-v2-x64.exe

8572841FC55CCF101C01F87EBFA4EC7BE0911EBF

539A78EBBDE633C12FBE59FFC6361B9A251FEAAB7A3A82864C963DA7DF7E5E49

NDP45-KB2979578-v2-x86.exe

ABD805B4503234EDF7A3D0EE32EE5BA1A72C6AC1

35CAAA796806D3631E11B62D742063CA7B1A41E9D4B73FDD9A0A802295DF8906

Windows6.0-KB2968292-ia64.msu

A9CFAD95B0D8BBE2C01541E09A916788A53087EB

68979E3BDBCB6C085FA2BB9B094C2B69ADE0CF152777E72C32DDF0AB22F4B3A7

Windows6.0-KB2968292-x64.msu

CAA91DA06AC6928409E34821F9B46568068C0EF1

BC2354B15D9336F3CA6C82F813962DA96F22A1DCC5054668A7367625B3B5D1F8

Windows6.0-KB2968292-x86.msu

B5352367B47FE33D868C40D58FE8C78BFA278B04

97A731C2776D7E21BEFF723486059020968A57085328FF133E2F77185763697E

Windows6.0-KB2972098-ia64.msu

A837A86DBA74E550E62D59451AF4BED6BE5885DB

189A1A9A534911BCCF4D3C3C24EEDEFC8360D1C368AF7D49EC52AB914DB7F56C

Windows6.0-KB2972098-x64.msu

4E4A09AA4EC90794698A04DEE27292CBB8F317D3

EFA450FB91DEE1856EC120ED251C633503C1C04AEDC21C4E700B085889269602

Windows6.0-KB2972098-x86.msu

CB46202234110F149232A535BDBAC67F0A7891C7

367E7D40208487ED8220F495B925DBE554075DC88FF809572020F1798E2226DB

Windows6.0-KB2979568-ia64.msu

3D7409E38738911D59C72E65E21CFAFF24ED9630

BDEF311ED4E9613F3F4A68F59031321F4A5F50C556DC6FA1D808D7FDF6065D94

Windows6.0-KB2979568-x64.msu

F0C3DF10507C0EEBADC5F5CB722C093A3A46C5E7

B974C1585BB07D0756197631D4DCA372180AE1B17FD36F717ADDD1486BB2A43D

Windows6.0-KB2979568-x86.msu

984EEDD830AAE372AC0578973BEEF80BC5EA08F2

A606F49318A2171A729AC14663E4C12262E47F0FD7361D74E6C0AB1D9DE728E0

Windows6.1-KB2968294-ia64.msu

43BC4F31CFC8C133D625BB83567B8BE0064030DA

ACA6B01C2ED8AC2AB72E7E24949B186C2C9DA7C29BC36EF8BB49F1290FB7FA8B

Windows6.1-KB2968294-x64.msu

CFF0BAFAC3C677448C233DC0B596C8A14B9FF58C

42F7C07A483A7940F8C0FF61F8F16D0839E567B9848BA67EAED2A20064FC11AD

Windows6.1-KB2968294-x86.msu

5D007341C62969877271E7AA20607281BC8C338B

764766E0732A29B718B5F49949C91506494A8D2EDBEF995770C089E6825277EA

Windows6.1-KB2972100-ia64.msu

5E463F7DF88201A29F470063A0512DF2B92A9755

90C85E6E9B5858C843C9D1384AE8F1718BFE759738FC6C670A6B54E16761D930

Windows6.1-KB2972100-x64.msu

BA7FB9E64BCA3E59AC2310652357065817B3355B

0B267ED605A410A328B2EDE3D4F28C4EF781F6F225B5A2F8C0C4F21E87AC046A

Windows6.1-KB2972100-x86.msu

2ED06D2B5D61481A10C30622EE9B3065F23AECC7

A12D47161C2BC803111D320D37246B069E06FC0823BD97D9DCA3B621D9F009AE

Windows6.1-KB2979570-ia64.msu

4584844DAFF8896D9647032CAD2C2C8E43B13DB7

728853A40FB3EFAA24090F8946B718C36A958E87CFDC9D3FCA067B84B712216A

Windows6.1-KB2979570-x64.msu

646D2E4C8D3649BAB3A7D19AD436ECF22F4021E4

82986C6100C5D27CC9CF48F7305C0D99F78FB6ACACA6165198551EF0D6556E67

Windows6.1-KB2979570-x86.msu

F1763AC37FB72D8DA11C6162EE7EA71C0F92DA96

2F319B052C45291843A8F0AFA7B087D3D4729A232B7AB1CF3DA43937CCD1070B

Windows8-RT-KB2968295-x64.msu

9E54756A93C909DE40FCA51F88D5C0EBDC9EF2B8

800351B96E0830FD13BE82378C4A96F432318493E8AC524DEB1335115D986323

Windows8-RT-KB2968295-x86.msu

5C159A12B314A2EC3D448D572BAC118B6FBED3BC

46FE382621C0554241CC52A8EB339C92CCA5478A611EDD1F71AC9FAFBE032A8B

Windows8-RT-KB2972101-x64.msu

5C312B8A8CC10509E7693DD0FB4185461D74D6F1

55FA3CAFE95A11F3C40865AE7D1ACD08035DD544D1253628B26C71C9E0B14A15

Windows8-RT-KB2972101-x86.msu

CDFC9D5340B6733A9E84C1745BDADD011FBDEB18

67E4C349C49EFE2E750A02FB603309A745BEC9CB0DDA4A2083EBEC5639598EF3

Windows8-RT-KB2978042-x64.msu

4B4671DBAE1C60DAA6D8B9CDB40A4279BF31EA93

3713DFF1D1906B5C1EA14665C37D0313B8FA0B9039FCE128B0153ABFB5BBC04B

Windows8-RT-KB2978042-x86.msu

F6ABC2CA0B16D91AB8167EE2A2C17E9EB3C574FD

71E0BC0D3D3BBA05ABB066A956A5A5D3905E70C505B9BBF7079865DD5D34D0C9

Windows8-RT-KB2979571-x64.msu

65A41D244FDC424654E00E1D8EB9C9B25729F902

DB95460031DA85545DFB5CC7E9099039223B6D5D662AA6532D8BD5CBD7CF6536

Windows8-RT-KB2979571-x86.msu

4E5EDD3FA24B207A821C674D78DA858F1F363A3E

ABFB9F76FAAC720F4258D39212D3241D034224E19A3A706596E493B5BD2D54D6

Windows8-RT-KB2979577-x64.msu

9029B740D449AC74DE98B186DA51C09E3BC8DE41

90EEFFF2004C0CF4CD47088316A3E0B69E7239E7B6FDAEF3B6B2ED7BAF203326

Windows8-RT-KB2979577-x86.msu

7136743342F647D3D16B6C9715AF1E07058870C2

DC0297B8C66EA34ED3D3261D970EE7C1C4D0F75074EC99B763479FD57A907F78

Windows8.1-KB2968296-x64.msu

A5D0DE083618322CD696C91D30A01C0FF060AF0F

869C533AF42E14EC2D5B2BFC8A076AEA8A3958A4ABA92D02BB79DBCF02102B1B

Windows8.1-KB2968296-x86.msu

D96BE3355E90A63A43E6D5A91F3E21AC879A7699

B2AB8F69247C0C5512FF33667FD4AE6F8606D8181A5E1982D36FF4DC1F2A6AB6

Windows8.1-KB2972103-v2-x64.msu

539F9C91D2CFDF2D046DBD96CD6EFE2748702EE0

79869AF484F7A0B2B2EDD5D9DE9DB209621032A6C045D2C9C46CB7199868036D

Windows8.1-KB2972103-v2-x86.msu

A07E9097F4BB1664DCD6B45112F97933208EFD77

352C3EE9FF72986C92809531E93870884A7FC0E78713162D579C06329AB19FBF

Windows8.1-KB2978041-x64.msu

93D7DD68C7487670C0AB4D5EB154A0EF5E40A306

E8E85B3F3D0AC53436D12D3783CE680C6CEE288642964C5842A650156EE5FB43

Windows8.1-KB2978041-x86.msu

80ADD0097BB5940209E825E6948A0935791F2F69

20D4349FB5EB2948A65365241CCC4B6D7C041CB57A1515616DE96B2E17C2AB37

Windows8.1-KB2979573-x64.msu

4E6B3A60155951F82426AACD24D2076875DDE8F7

43917781745BEC2D904C02A9BD522FBA1CCE6A6B83842EF561F6EBBC8B605750

Windows8.1-KB2979573-x86.msu

48E21177A582CA8F94DB6819D1DCA8A9FFB2AA0B

9B1BDB0A281E623BABC8BD9C5C766F5EFCE7ADDFF937F72CDB6E264CDF6FBBA8

Windows8.1-KB2979576-x64.msu

41A253554010BE99A3CA3A01BAC864D534645253

87F60311C67BA282436F9F058177B25722577A2F8693E9FEA3311697DB63A30E

Windows8.1-KB2979576-x86.msu

322E42AEBB7E4E65BA934D4495C4F9B8A2EE80CD

BD33B42826DC144F2C6368D7021DD2AD2C60EF38EE1015C0B532EFF13AE433DE



Applies toThis article applies to the following:

  • Microsoft .NET Framework 4.5.2 when used with:

    • Windows 8.1

    • Windows RT 8.1

    • Windows Server 2012 R2

    • Windows 8

    • Windows RT

    • Windows Server 2012

    • Windows 7 Service Pack 1

    • Windows Server 2008 R2 Service Pack 1

    • Windows Vista Service Pack 2

    • Windows Server 2008 Service Pack 2

  • Microsoft .NET Framework 4.5.1 when used with:

    • Windows 8.1

    • Windows RT 8.1

    • Windows Server 2012 R2

    • Windows 8

    • Windows RT

    • Windows Server 2012

    • Windows 7 Service Pack 1

    • Windows Server 2008 R2 Service Pack 1

    • Windows Vista Service Pack 2

    • Windows Server 2008 Service Pack 2

  • Microsoft .NET Framework 4.5 when used with:

    • Windows 8.1

    • Windows RT 8.1

    • Windows Server 2012 R2

    • Windows 8

    • Windows RT

    • Windows Server 2012

    • Windows 7 Service Pack 1

    • Windows Server 2008 R2 Service Pack 1

    • Windows Vista Service Pack 2

    • Windows Server 2008 Service Pack 2

  • Microsoft .NET Framework 4 when used with:

    • Windows 7 Service Pack 1

    • Windows Server 2008 R2 Service Pack 1

    • Windows Server 2008 Service Pack 2

    • Windows Server 2003 Service Pack 2

  • Microsoft .NET Framework 3.5.1 when used with:

    • Windows 7 Service Pack 1

    • Windows Server 2008 R2 Service Pack 1

  • Microsoft .NET Framework 3.5 when used with:

    • Windows 8.1

    • Windows Server 2012 R2

    • Windows 8

    • Windows Server 2012

  • Microsoft .NET Framework 2.0 Service Pack 2 when used with:

    • Windows Vista Service Pack 2

    • Windows Server 2008 Service Pack 2

    • Windows Server 2003 Service Pack 2

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×