MS13-040: Vulnerabilities in the .NET Framework could allow spoofing: May 14, 2013

<html><body><p>Resolves a vulnerability in the Microsoft .NET Framework that could allow identity spoofing on a client system.</p><h2></h2><div><br /><a href=“#appliestoproducts” target>View products that this article applies to.</a></div><h2>Introduction</h2><div>Resolves a vulnerability in the Microsoft .NET Framework that could allow identity spoofing on a client system.</div><h2>Summary</h2><div>Microsoft has released security bulletin MS13-040. You can view the complete security bulletin by going to one of the following Microsoft websites: <ul><li>Home users:<br /><a href=“http://www.microsoft.com/security/pc-security/bulletins/201305.aspx” target=“_self”>http://www.microsoft.com/security/pc-security/bulletins/201305.aspx</a></li><li>IT professionals:<br /><a href=“http://technet.microsoft.com/security/bulletin/ms13-040” target=“_self”>http://technet.microsoft.com/security/bulletin/MS13-040</a></li></ul></div><h2></h2><div><h3>How to obtain help and support for this security update</h3>Help installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a></div><h2>More Information</h2><div><h4>More information about this update</h4>The following articles contain additional information about this update as it relates to individual product versions. The articles may contain information that is specific to the individual updates, such as download URL, prerequisites, and command-line switches. <h5>The Microsoft .NET Framework 4.5</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2804583”>2804583 </a> MS13-040: Description of the security update for the .NET Framework 4.5 on Windows 8, Windows RT, and Windows Server 2012: May 14, 2013<br /><br /><br /><br /><br /><br />Known issues in security update 2804583:<br /><br /><br /><br /> <ul><li>Windows Update will not offer this security update to Windows RT-based computers until update 2808380 has been installed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:<br /><div><a href=“https://support.microsoft.com/en-us/help/2808380”>2808380 </a> Windows RT-based device cannot download software updates or Windows Store apps<br /></div></li></ul></li><li><a href=“https://support.microsoft.com/en-us/help/2804582”>2804582 </a> MS13-040: Description of the security update for the .NET Framework 4.5 on Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Vista Service Pack 2, and Windows Server 2008 Service Pack 2: May 14, 2013</li></ul><h5>The Microsoft .NET Framework 4</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2804576”>2804576 </a> MS13-040: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: May 14, 2013</li></ul><h5>The Microsoft .NET Framework 3.5.1</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2804579”>2804579 </a> MS13-040: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: May 14, 2013 </li></ul><h5>The Microsoft .NET Framework 3.5</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2804584”>2804584 </a> MS13-040: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: May 14, 2013</li></ul><h5>The Microsoft .NET Framework 2.0</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2804580”>2804580 </a> MS13-040: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: May 14, 2013</li><li><a href=“https://support.microsoft.com/en-us/help/2804577”>2804577 </a> MS13-040: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows XP and Windows Server 2003: May 14, 2013</li></ul></div><h2></h2><div><h4>Update replacement information</h4>Update replacement information for each specific update can be found in the Knowledge Base articles that correspond to this update.</div><h2></h2><div><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>NDP20SP2-KB2804577-IA64.exe</td><td>174E187FF539ABE5B3AB2DDB39EE7AA6FB142C6C</td><td>6E84CBA03A9BD63D77EE4154AC6D6F47AB18C3F7B0829CB27BFE7BD5D990E268</td></tr><tr><td>NDP20SP2-KB2804577-x64.exe</td><td>9BB4FD56FEA70521D44D62B00CB7453C42B0E396</td><td>D8BDE3EE372E83DF7F1F3C9C1E0EBDCF9FA7CA48CA50E510A26B23BED3906693</td></tr><tr><td>NDP20SP2-KB2804577-x86.exe</td><td>7481153EA9BF91D69FDA639C3CA405C42E628944</td><td>0445594606A758932FB114A14C20C7F945934660EF99279F3A7834A61E65E70E</td></tr><tr><td>NDP40-KB2804576-IA64.exe</td><td>959C56ED06795FCA3C868A26146A1F764DA7505F</td><td>32BA0F05972484AECB281898F527BDD7A1F6077045E202A966DBE597790CBF7F</td></tr><tr><td>NDP40-KB2804576-x64.exe</td><td>1901EB4A352DECF21A602F8CD154FD8A69956496</td><td>A17628BF3875A88D922255B0CC9956E1220F414807C36E4A71B81234C6142BE3</td></tr><tr><td>NDP40-KB2804576-x86.exe</td><td>F7BF2D65C7F8E8697BE1ABA26D4E2BFFBC649630</td><td>86CA4C2EDDAC1487031D7B1FC11C6F21BF70952E1D2D164C18F86345A8C36A3A</td></tr><tr><td>NDP45-KB2804582-x64.exe</td><td>3608D9E33DB1E1E3E5943DE4435A2D9134F2D236</td><td>004BB76DE47956AE03D678A738977EF5AB920F8CCC096347ACD1BD491B10A177</td></tr><tr><td>NDP45-KB2804582-x86.exe</td><td>FC8F1055D87F2D82653F2D6D844719F2C5AE9013</td><td>C37FFB075D3B36FC0B0CDE896F140012427B0F4158D37BDCC577643DB5A946DD</td></tr><tr><td>Windows6.0-KB2804580-ia64.msu</td><td>020A82545485B1D7B9A2F7E09FB30D2B0842A467</td><td>5FF9DD1B502F45F5DA8DDD22BFB59F73F061DABFE1C7C8155C6A6E885BAF46B9</td></tr><tr><td>Windows6.0-KB2804580-x64.msu</td><td>A40CF4C214B9CA18BCA9194D670EB39EB42F546A</td><td>30E1316B518EA803258F9E92BE4A1F375F27AE69B63846BAF6ECD12FEF3F5B63</td></tr><tr><td>Windows6.0-KB2804580-x86.msu</td><td>8EE8DC962892E3C00E187EF2FC2403D55629FF15</td><td>8075C44E1A436469C97333EA1DB02B6D926BFBE42C570CDEB7F46115BE0342C5</td></tr><tr><td>Windows6.1-KB2804578-ia64.msu</td><td>12F704714C288B63DBA3A8FE22F4CD3586F12CB4</td><td>E5957AB3B848A2D2A091111E99A9B995B13FFB20A0E64236AA6B6E303B9FCAF7</td></tr><tr><td>Windows6.1-KB2804578-x64.msu</td><td>B916FD0817573A4E93494C3A74AA7F54B5208F74</td><td>C7969159397914DD2DFC4FEAF5BEE7927DA23F735FFBCD1577ECA6F20EAB2C35</td></tr><tr><td>Windows6.1-KB2804578-x86.msu</td><td>7DFAA7061A566D6993C910421D9512EB2F0D2597</td><td>16BB8F6980760E5795FD5B88FCF275579FFA6A28EFA6142240E0C3356961D29C</td></tr><tr><td>Windows6.1-KB2804579-ia64.msu</td><td>F6E7A64E3D62FAC26642F428D8101876E8F71EED</td><td>D21DA0F813C97FBEB7160EBF95EC79083B1B2A160E6511897BADA0E0AB3C012F</td></tr><tr><td>Windows6.1-KB2804579-x64.msu</td><td>873C8F2323B9B13C05F4E35457CE48069999E151</td><td>6590B39875957CDF7B469401872A95F4F82B32F54373DE6545B399801C383D7B</td></tr><tr><td>Windows6.1-KB2804579-x86.msu</td><td>31733C953388603BF0355BC7312E7A0E78780926</td><td>330EF99E98DBC9D21E712F95D9784E02E5152A344DA5545AB874B7CE321DF0A4</td></tr><tr><td>Windows8-RT-KB2804583-arm.msu</td><td>E3D4F3D3391744A0F7D15DEAF5A31767816C307E</td><td>5B92CC62ED9CE511B6395C0EC9D62192256CFE88216241056975615DD386CECE</td></tr><tr><td>Windows8-RT-KB2804583-x64.msu</td><td>21799165AD92B33F07404D903D3F02D0701DC081</td><td>1D01A49DE4B04ECE9F24838E895254B01C75411006A355F2D1D170DF7A4C3B83</td></tr><tr><td>Windows8-RT-KB2804583-x86.msu</td><td>A628A18DCA4F23829E7907B3BF39416858C165BF</td><td>D0205F6743FEF886D0C3F1AEE3D16005EB6C35A1E9DD84219EE690C96A1D5EF5</td></tr><tr><td>Windows8-RT-KB2804584-x64.msu</td><td>30FDD1E939F082E462FA2287B71DDD6D01BE7DB6</td><td>7C5670956B350CEE78DCA3823F328C5AADDE11934931D00EA49BDC3F348061EC</td></tr><tr><td>Windows8-RT-KB2804584-x86.msu</td><td>BA88932F83E1EAD03BFA1AD1F9DEC6FA55D01CC0</td><td>20F4BFA6E4BDB94F9DE6B699FBC9D803D4B2BFD693D5393FA080B6F87C68F95E</td></tr></table></div></div><br /></span></div></div></div></div><h2></h2><div><a></a><h3>Applies to</h3>This article applies to the following:<ul><li>Microsoft .NET Framework 4.5 when used with:<ul><li>Windows 8</li><li>Windows RT</li><li>Windows Server 2012</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 4 when used with:<ul><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows XP Service Pack 3</li><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 3.5.1 when used with:<ul><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li></ul></li><li>Microsoft .NET Framework 3.5 when used with:<ul><li>Windows 8</li><li>Windows Server 2012</li></ul></li><li>Microsoft .NET Framework 2.0 Service Pack 2 when used with:<ul><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows XP Service Pack 3</li><li>Windows Server 2003 Service Pack 2</li></ul></li></ul></div></body></html>