Detours Library fix for Microsoft Application Virtualization

About this hotfix
This hotfix fixes vulnerabilities in the Detours Library that's used by Microsoft Application Virtualization (App-V). The affected versions are the following:

  • App-V 5.1
  • App-V 5.0 Service Pack 3 (SP3)
  • App-V 4.6 SP3
  • App-V 4.5 SP2
An information disclosure vulnerability exists in the way that App-V handles objects in memory. This could cause an Address Space Layout Randomization (ASLR) bypass.

An attacker who successfully exploits the information disclosure vulnerability could use the obtained information to bypass the ASLR security mechanism in Windows. This mechanism helps protect users from a broad range of vulnerabilities. The ASLR bypass by itself does not allow arbitrary code execution. However, an attacker could use the ASLR bypass together with another vulnerability, such as a remote code execution vulnerability, that could use the ASLR bypass to run arbitrary code.

To exploit the ASLR bypass, an attacker would have to log on to an affected system and run a specially crafted application. Workstations are primarily vulnerable to the potential ASLR bypass.

This security update addresses the ASLR bypass by correcting how App-V components handle memory addresses.
Hotfix information
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that's described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there's a "Hotfix Download Available" section at the top of this Knowledge Base article. If this section doesn't appear, submit a request to Microsoft Customer Service and Support to get the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that don't qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website: Note The "Hotfix Download Available" form displays the languages for which the hotfix is available. If you don't see your language, it's because a hotfix isn't available for that language.

Note The downloadable file for App-V 5.1 and App-V 5.0 SP3 has the form <Hotfix ID>_intl_i386_zip.exe and contains installers for both x86-based and x64-based architectures. For App-V 4.6 SP3, separate installers for x86 and x64 are provided. For App-V 4.5 SP2, the x86 installer is provided. See the names for the downloaded files under the File information section.

Prerequisites

To apply this hotfix for the specific version of App-V, you must have that release version of App-V installed. For example, to apply the hotfix for App-V 5.1, you must have the release version of App-V 5.1 installed or a subsequent App-V 5.1 servicing release installed.

Registry information

To apply this hotfix, you don't have to make any changes to the registry.

Restart requirement

You must restart the computer after you apply this hotfix.

Replacement information

This hotfix doesn't replace a previously released hotfix.
File information 
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

493072_intl_i386_zip.exe
File nameBuild versionFile sizeDateTimePlatform
Appv4.5sp2-rds-kb3172672-x86.msp4.5.3.201612,256,8964-Jul-1611:28x86
Appv4.5sp2-wd-kb3172672-x86.msp4.5.3.201612,256,8964-Jul-1611:47x86
493672_intl_i386_zip.exe
File nameBuild versionFile sizeDateTimePlatform
Appv4.6sp3-rds-kb3172672-x86.msp4.6.3.262608,773,63221-Sep-1611:27x86
Appv4.6sp3-wd-kb3172672-x86.msp4.6.3.262608,773,63221-Sep-1611:27x86
493673_intl_x64_zip.exe
File nameBuild versionFile sizeDateTimePlatform
Appv4.6sp3-rds-kb3172672-x64n.msp4.6.3.262609,474,04821-Sep-1611:27x64
Appv4.6sp3-wd-kb3172672-x64n.msp4.6.3.262609,474,04821-Sep-1611:27x64
493054_intl_i386_zip.exe
File nameBuild versionFile sizeDateTimePlatform
Appv5.0sp3_client_kb3172672.exe5.0.10345.076,717,97623-Jun-1611:53x86 & x64
Appv5.0sp3_rds_kb3172672.exe5.0.10345.076,716,62423-Jun-1611:53x86 & x64
493052_intl_i386_zip.exe
File nameFile versionFile sizeDateTimePlatform
Appv5.1rtm_client_kb3172672.exe5.1.108.041,005,59213-Jul-164:26x86 & x64
Appv5.1rtm_rds_kb3172672.exe5.1.108.041,005,19213-Jul-164:26x86 & x64
Status
Microsoft has confirmed that this is an update in the Microsoft products that are listed in the "Applies to" section.
References
Learn about the terminology that Microsoft uses to describe software updates.
內容

文章識別碼:3172672 - 最後檢閱時間:09/29/2016 00:22:00 - 修訂: 5.0

Microsoft Application Virtualization 4.5 for Terminal Services, Microsoft Application Virtualization 4.5 for Windows Desktops, Microsoft Application Virtualization 4.6 for Terminal Services Service Pack 3, Microsoft Application Virtualization 4.6 for Windows Desktops Service Pack 3, Microsoft Application Virtualization 5.0 for Remote Desktop Services Service Pack 3, Microsoft Application Virtualization 5.0 for Windows Desktops Service Pack 3, Microsoft Application Virtualization 5.1 for Remote Desktop Services, Microsoft Application Virtualization 5.1 for Windows Desktops

  • kbqfe kbautohotfix kbhotfixserver kbfix kbexpertiseadvanced KB3172672
意見反應