Check: 2012-A-0080
windows 7 iavm:
2012-A-0080
(in version v1 r32)
Title
Multiple Remote Code Execution Vulnerabilities in Microsoft .NET Framework (Cat I impact)
Discussion
Microsoft has released a security bulletin addressing multiple vulnerabilities in Microsoft .NET Framework. The Microsoft .NET Framework is a component of the Microsoft Windows operating system that enables building and running software applications and Web services. To exploit these vulnerabilities, an attacker would entice a user to view a compromised web page containing a malicious XBAP (XAML Browser Application). If successfully exploited, these vulnerabilities would allow an attacker to execute arbitrary code and compromise the affected system. At this time, there are no known exploits associated with these vulnerabilities; USCYBERCOM is not aware of any DoD-related incidents.
Check Content
See IAVM notice and vendor bulletin for additional information. Microsoft Bulletin MS12-035 (2693777).

Vulnerable Applications/Systems:

Operating System | Affected .NET Framework versions (update) |
---|---|
Windows XP SP3 | 1.0 SP3 (KB2604042) (Media Center Edition 2005 SP3 and Tablet PC Edition 2005 SP3 only); 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604092); 3.0 SP2 (KB2604110); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows XP Professional x64 Edition SP2 | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604092); 3.0 SP2 (KB2604110); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Server 2003 SP2 | 1.1 SP1 (KB2604078); 2.0 SP2 (KB2604092); 3.0 SP2 (KB2604110); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Server 2003 x64 Edition SP2 | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604092); 3.0 SP2 (KB2604110); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Server 2003 with SP2 for Itanium-based Systems | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604092); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Vista SP2 | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604094); 3.0 SP2 (KB2604105); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Vista x64 Edition SP2 | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604094); 3.0 SP2 (KB2604105); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Server 2008 for 32-bit Systems SP2 | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604094); 3.0 SP2 (KB2604105); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Server 2008 for x64-based Systems SP2 | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604094); 3.0 SP2 (KB2604105); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows Server 2008 for Itanium-based Systems SP2 | 1.1 SP1 (KB2656353); 2.0 SP2 (KB2604094); 3.5 SP1 (KB2604111); 4[1] (KB2604121) |
Windows 7 for 32-bit Systems | 3.5.1 (KB2604114); 4[1] (KB2604121) |
Windows 7 for 32-bit Systems SP1 | 3.5.1 (KB2604115); 4[1] (KB2604121) |
Windows 7 for x64-based Systems | 3.5.1 (KB2604114); 4[1] (KB2604121) |
Windows 7 for x64-based Systems SP1 | 3.5.1 (KB2604115); 4[1] (KB2604121) |
Windows Server 2008 R2 for x64-based Systems | 3.5.1 (KB2604114); 4[1] (KB2604121) |
Windows Server 2008 R2 for x64-based Systems SP1 | 3.5.1 (KB2604115); 4[1] (KB2604121) |
Windows Server 2008 R2 for Itanium-based Systems | 3.5.1 (KB2604114); 4[1] (KB2604121) |
Windows Server 2008 R2 for Itanium-based Systems SP1 | 3.5.1 (KB2604115); 4[1] (KB2604121) |

Server Core installation option:

Operating System | Affected .NET Framework versions (update) |
---|---|
Windows Server 2008 R2 for x64-based Systems | 3.5.1 (KB2604114) |
Windows Server 2008 R2 for x64-based Systems SP1 | 3.5.1 (KB2604115); 4[1] (KB2604121) |

[1] .NET Framework 4 and .NET Framework 4 Client Profile affected. The .NET Framework version 4 redistributable packages are available in two profiles: .NET Framework 4 and .NET Framework 4 Client Profile. .NET Framework 4 Client Profile is a subset of .NET Framework 4. The vulnerability addressed in this update affects both .NET Framework 4 and .NET Framework 4 Client Profile. For more information, see the MSDN article, Installing the .NET Framework.

Verify the patches have been installed by checking that the following sample files are at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems\Applications not listed below.

Update | .NET Framework | Sample file | Version | Applies to |
---|---|---|---|---|
KB2604042 | 1.0 SP3 | Mscorlib.dll | 1.0.3705.6098 | Windows XP SP3 (Media Center Edition 2005 SP3 and Tablet PC Edition 2005 SP3 only) |
KB2604078 | 1.1 SP1 | Mscorlib.dll | 1.1.4322.2494 | Windows Server 2003 SP2 |
KB2656353 | 1.1 SP1 | Mscorlib.dll | 1.1.4322.2494 | Windows XP SP3; Windows XP Professional x64 Edition SP2; Windows Vista SP2; Windows Server 2003 SP2; Windows Server 2008 SP2 |
KB2604092 | 2.0 SP2 | Mscorlib.dll | 2.0.50727.3634 or 5710 | Windows XP SP3; Windows XP Professional x64 Edition SP2; Windows Server 2003 SP2 |
KB2604094 | 2.0 SP2 | Mscorlib.dll | 2.0.50727.4223 or 5710 | Windows Vista SP2; Windows Server 2008 SP2 |
KB2604105 | 3.0 SP2 | PresentationCore.dll | 3.0.6920.4206 or 5738 | Windows Vista SP2; Windows Server 2008 SP2 |
KB2604110 | 3.0 SP2 | PresentationCore.dll | 3.0.6920.4021 or 5810 | Windows XP SP3; Windows XP Professional x64 Edition SP2; Windows Server 2003 SP2 |
KB2604111 | 3.5 SP1 | System.AddIn.dll | 3.5.30729.3676 or 5766 | Windows XP SP3; Windows XP Professional x64 Edition SP2; Windows Server 2003 SP2; Windows Vista SP2; Windows Server 2008 SP2 |
KB2604114 | 3.5.1 | Mscorlib.dll | 2.0.50727.4971 or 5723 | Windows 7; Windows Server 2008 R2 |
KB2604115 | 3.5.1 | Mscorlib.dll | 2.0.50727.5456 or 5710 | Windows 7 SP1; Windows Server 2008 R2 SP1 |
KB2604121 | 4[1] | Mscorlib.dll | 4.0.30319.269 or 544 | Windows XP SP3; Windows XP Professional x64 Edition SP2; Windows Server 2003 SP2; Windows Vista SP2; Windows Server 2008 SP2; Windows 7 and Windows 7 SP1; Windows Server 2008 R2 and Windows Server 2008 R2 SP1 |
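The file-version check above, scripted for a Windows 7 host as an added example (not part of the IAVM notice or the vendor bulletin). The framework directories are the default install locations, which the check text does not give, and the handling of the "X or Y" pairs is an assumption: they are treated as two servicing branches, so a file that falls between the two listed versions is passed with a note to confirm it against MS12-035.

```powershell
# Added example: compare installed Mscorlib.dll versions with the minimums this
# check lists for Windows 7 (KB2604114), Windows 7 SP1 (KB2604115) and
# .NET Framework 4 (KB2604121). Written to run on PowerShell 2.0.
# Assumptions: default framework paths; "X or Y" read as two servicing branches.

function Test-SampleFile {
    param([string]$KB, [string]$Path, [version]$Low, [version]$High)

    $row = @{ KB = $KB; Path = $Path; Version = $null; Result = 'NotInstalled' }
    if (Test-Path $Path) {
        $vi = (Get-Item $Path).VersionInfo
        # Build the version from the numeric parts; the FileVersion string
        # can carry trailing text that does not parse as a version.
        $v = [version]('{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart,
                                            $vi.FileBuildPart, $vi.FilePrivatePart)
        $row.Version = $v
        if ($v -lt $Low) {
            $row.Result = 'Finding'            # older than either listed version
        } elseif ($v -gt $Low -and $v -lt $High) {
            $row.Result = 'Pass (between listed versions; confirm in MS12-035)'
        } else {
            $row.Result = 'Pass'
        }
    }
    New-Object PSObject -Property $row | Select-Object KB, Version, Result, Path
}

# Windows 7 RTM and SP1 take different updates with different minimums.
if ([Environment]::OSVersion.ServicePack) {
    $kb35 = 'KB2604115'; $low35 = '2.0.50727.5456'; $high35 = '2.0.50727.5710'
} else {
    $kb35 = 'KB2604114'; $low35 = '2.0.50727.4971'; $high35 = '2.0.50727.5723'
}

$root = Join-Path $env:windir 'Microsoft.NET'
$dirs = @('Framework')
if (Test-Path (Join-Path $root 'Framework64')) { $dirs += 'Framework64' }

foreach ($d in $dirs) {
    Test-SampleFile $kb35 (Join-Path $root "$d\v2.0.50727\mscorlib.dll") $low35 $high35
    # .NET Framework 4 is optional on Windows 7; NotInstalled means not applicable.
    Test-SampleFile 'KB2604121' (Join-Path $root "$d\v4.0.30319\mscorlib.dll") '4.0.30319.269' '4.0.30319.544'
}
```

Any row with Result `Finding` means the sample file is older than the version this check requires for that update.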
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-32305
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |