Microsoft Security Advisory 2960358

Update for Disabling RC4 in .NET TLS

Published: May 13, 2014 | Updated: October 13, 2015

Version: 2.0

Executive Summary

On May 13, 2014, Microsoft announced the availability of an update for Microsoft .NET Framework that disables RC4 in Transport Layer Security (TLS) through the modification of the system registry. Use of RC4 in TLS could allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions.

As of October 13, 2015, Microsoft is broadening the affected software list to include Windows 10 systems that are running .NET Framework 3.5 applications and systems with .NET Framework 4.6 installed that are running .NET Framework 4.5/4.5.1/4.5.2 applications.

Recommendation. Microsoft recommends that customers download and test the update before deploying it in their environments as soon as possible. Please see the Suggested Actions section of this advisory for more information.

Known Issues. Microsoft Knowledge Base Article 2978675 documents the currently known issues that customers may experience when installing this update. The article also documents recommended solutions for these issues.

Advisory Details

Issue References

For more information about this issue, see the following references:

|**References**|**Identification**| |------------|------------| |**Microsoft Knowledge Base Article**|[2960358](https://support.microsoft.com/kb/2960358) |

Affected Software

This advisory discusses the following software.

|**Operating System**|**Component**| |------------|------------| |**Windows 7**| |Windows 7 for 32-bit Systems Service Pack 1|[Microsoft .NET Framework 3.5.1](https://www.microsoft.com/download/details.aspx?familyid=242bb1e8-ec99-46a7-9bee-371f7ae3472e)[1] (2898851)| |Windows 7 for 32-bit Systems Service Pack 1|[Microsoft .NET Framework 4](https://www.microsoft.com/download/details.aspx?familyid=58ce8304-7ab7-45fc-ad9b-77f63cbaf690)[1][2] (2938780)| |Windows 7 for 32-bit Systems Service Pack 1|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows 7 for 32-bit Systems Service Pack 1|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows 7 for 32-bit Systems Service Pack 1|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=656530d4-d300-4aa1-b015-18437d5991d5)[1] (2954853)| |Windows 7 for 32-bit Systems Service Pack 1|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows 7 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 3.5.1](https://www.microsoft.com/download/details.aspx?familyid=242bb1e8-ec99-46a7-9bee-371f7ae3472e)[1] (2898851)| |Windows 7 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4](https://www.microsoft.com/download/details.aspx?familyid=58ce8304-7ab7-45fc-ad9b-77f63cbaf690)[1][2] (2938780)| |Windows 7 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows 7 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows 7 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=656530d4-d300-4aa1-b015-18437d5991d5)[1] (2954853)| |Windows 7 for x64-based Systems Service Pack 1|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |**Windows Server 2008 R2**| |Windows Server 2008 R2 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 3.5.1](https://www.microsoft.com/download/details.aspx?familyid=242bb1e8-ec99-46a7-9bee-371f7ae3472e)[1] (2898851)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4](https://www.microsoft.com/download/details.aspx?familyid=58ce8304-7ab7-45fc-ad9b-77f63cbaf690)[1][2] (2938780)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=656530d4-d300-4aa1-b015-18437d5991d5)[1] (2954853)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows Server 2008 R2 for Itanium-based Systems Service Pack 1|[Microsoft .NET Framework 3.5.1](https://www.microsoft.com/download/details.aspx?familyid=242bb1e8-ec99-46a7-9bee-371f7ae3472e)[1] (2898851)| |Windows Server 2008 R2 for Itanium-based Systems Service Pack 1|[Microsoft .NET Framework 4](https://www.microsoft.com/download/details.aspx?familyid=58ce8304-7ab7-45fc-ad9b-77f63cbaf690)[1][2] (2938780)| |**Windows 8 and Windows 8.1**| |Windows 8 for 32-bit Systems|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=fa9b8fc3-c7ee-4928-9f69-3d2db476d583)[1] (2898845)| |Windows 8 for 32-bit Systems|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows 8 for 32-bit Systems|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows 8 for 32-bit Systems|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows 8 for 32-bit Systems|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows 8 for 64-bit Systems|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=fa9b8fc3-c7ee-4928-9f69-3d2db476d583)[1] (2898845)| |Windows 8 for 64-bit Systems|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows 8 for 64-bit Systems|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows 8 for 64-bit Systems|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows 8 for 64-bit Systems|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows 8.1 for 32-bit Systems|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=6b756b6b-f6a0-4ae6-9a03-37031a2bd7c8) (2898847)| |Windows 8.1 for 32-bit Systems|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows 8.1 for 32-bit Systems|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows 8.1 for 32-bit Systems|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows 8.1 for 64-bit Systems|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=6b756b6b-f6a0-4ae6-9a03-37031a2bd7c8) (2898847)| |Windows 8.1 for 64-bit Systems|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows 8.1 for 64-bit Systems|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows 8.1 for 64-bit Systems|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |**Windows Server 2012 and Windows Server 2012 R2**| |Windows Server 2012|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=fa9b8fc3-c7ee-4928-9f69-3d2db476d583)[1] (2898845)| |Windows Server 2012|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows Server 2012|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows Server 2012|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows Server 2012|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows Server 2012 R2|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=6b756b6b-f6a0-4ae6-9a03-37031a2bd7c8) (2898847)| |Windows Server 2012 R2|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows Server 2012 R2|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows Server 2012 R2|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |**Windows RT and Windows RT 8.1**| |Windows RT|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows RT|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows RT|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows RT 8.1|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows RT 8.1|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |**Windows 10**| |Windows 10 for 32-bit Systems|Microsoft .NET Framework 3.5[3]| |Windows 10 for 32-bit Systems|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows 10 for x64-based Systems|Microsoft .NET Framework 3.5[3]| |Windows 10 for x64-based Systems|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |**Server Core installation option**| |Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)|[Microsoft .NET Framework 3.5.1](https://www.microsoft.com/download/details.aspx?familyid=242bb1e8-ec99-46a7-9bee-371f7ae3472e)[1] (2898851)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)|[Microsoft .NET Framework 4](https://www.microsoft.com/download/details.aspx?familyid=58ce8304-7ab7-45fc-ad9b-77f63cbaf690)[1][2] (2938780)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=3782d44b-1b6b-40ad-bf33-7554fdd153c8)[1] (2938782)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=656530d4-d300-4aa1-b015-18437d5991d5)[1] (2954853)| |Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows Server 2012 (Server Core installation)|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=fa9b8fc3-c7ee-4928-9f69-3d2db476d583)[1] (2898845)| |Windows Server 2012 (Server Core installation)|[Microsoft .NET Framework 4.5](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows Server 2012 (Server Core installation)|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows Server 2012 (Server Core installation)|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=b191919e-53d5-4510-aa35-b316f90c6c28)[1] (2898849)| |Windows Server 2012 (Server Core installation)|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]| |Windows Server 2012 R2 (Server Core installation)|[Microsoft .NET Framework 3.5](https://www.microsoft.com/download/details.aspx?familyid=6b756b6b-f6a0-4ae6-9a03-37031a2bd7c8) (2898847)| |Windows Server 2012 R2 (Server Core installation)|[Microsoft .NET Framework 4.5.1](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows Server 2012 R2 (Server Core installation)|[Microsoft .NET Framework 4.5.2](https://www.microsoft.com/download/details.aspx?familyid=668a45c2-c571-4e3b-960e-dff97f0a16f9) (2898850)| |Windows Server 2012 R2 (Server Core installation)|Microsoft .NET Framework 4.5/4.5.1/4.5.2 on systems with .NET Framework 4.6 installed[3]|

[1]Prerequisite. This update requires pre-installation of the 2868725 update released in November, 2013, or any update that installs a later file version of schannel.dll than the one released with the 2868725 update.

[2].NET Framework 4 and .NET Framework 4 Client Profile affected. The .NET Framework version 4 redistributable packages are available in two profiles: .NET Framework 4 and .NET Framework 4 Client Profile. .NET Framework 4 Client Profile is a subset of .NET Framework 4. The vulnerability addressed in this update affects both .NET Framework 4 and .NET Framework 4 Client Profile. For more information, see the MSDN article, Installing the .NET Framework.

[3]Customers who are running .NET Framework 3.5 applications on Windows 10 or .NET Framework 4.5/4.5.1/4.5.2 applications on systems with .NET Framework 4.6 installed must follow the steps provided in this advisory for manually disabling RC4 in TLS. See the Suggested Actions section of this advisory for details. Note that systems running .NET Framework 4.6 only are protected by default and do not need to be updated. For more information on default behavior for .NET Framework 4.6, see Retargeting Changes in the .NET Framework 4.6.  

Note Windows Server Technical Preview 3 is affected. Customers running this operating system are encouraged to follow the steps provided in this advisory for manually disabling RC4 where applicable. See the Suggested Actions section of this advisory for details. 

Advisory FAQ

Are there any prerequisites for installing the updates addressed in this advisory?
Yes. Pre-installation of the 2868725 update, released in November, 2013, is a prerequisite for installing the updates addressed in this advisory, with the exception of those updates applying to Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. For more information about the prerequisite update, see Microsoft Knowledge Base Article 2868725.

Are the updates available on Windows Update?
No. Because the updates could affect compatibility with existing applications and services by disabling the unsecured RC4 cipher, Microsoft is providing the updates on an opt-in basis only (via the Microsoft Download Center and Microsoft Update Catalog only). The updates are not being provided via Windows Update in order to give customers the ability to plan and test the new settings for disabling RC4 prior to implementation in their environments.

What is the scope of the advisory?
The purpose of this advisory is to notify customers that an update is available for Microsoft .NET Framework that disables RC4 in Transport Layer Security (TLS) and also changes the SSL/TLS default protocol from TLS 1.0 | SSL 3.0 to TLS 1.2 | TLS 1.1 | TLS 1.0 if you are running a .NET application on the .NET 4.5 runtime or higher.

What might an attacker use the vulnerability to do?
Use of RC4 in TLS could allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions.

What is a man-in-the-middle attack?
A man-in-the-middle attack occurs when an attacker reroutes communication between two users through the attacker's computer without the knowledge of the two communicating users. Each user in the communication unknowingly sends traffic to and receives traffic from the attacker, all the while thinking they are communicating only with the intended user.

What does theupdate do?
The update supports the removal of RC4 as an available cipher on affected systems through registry settings. Microsoft recommends that customers test any new settings for disabling RC4 prior to implementation in their environments.

What is TLS?
Transport Layer Security (TLS) is a standard protocol that is used to provide secure web communications on the Internet or on intranets. It enables clients to authenticate servers or, optionally, servers to authenticate clients. It also provides a secure channel by encrypting communications. TLS is the successor to the Secure Sockets Layer (SSL) protocol.

What is RC4?
RC4 is a stream cipher that is used in both encryption and decryption.

Suggested Actions

  • Install the update where provided for your combination of .NET Framework and operating system

    Updates are available for most affected software configurations except .NET Framework 3.5 on Windows 10 and .NET Framework 4.6 on systems running .NET Framework 4.5/4.5.1/4.5.2 applications. Note that systems with applications only targeting .NET Framework 4.6 are already protected by default; however, systems that have .NET Framework 4.6 installed that are running applications targeting .NET Framework 4.5/4.5.1/4.5.2 will need to be updated manually using the appropriate procedure below.

    The updates, where available, are provided from the Microsoft Download Center via the links in the Affected Software table.

  • Manually disable RC4 in TLS on systems running .NET Framework 3.5

    The following steps are primarily for customers running .NET Framework 3.5 on Windows 10 (or on Windows Server Technical Preview 3), for which an update is not available. However, for customer running .NET Framework 3.5 on all earlier affected operating systems, the manual steps serve as an optional alternative to installing the available update.

    Note These steps require the use of Registry Editor. Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.

    1. Create a text file named strongcrypto35-enable.reg that contains the following text:   For 32-bit applications on 32-bit systems and 64-bit applications on x64-based systems:

         [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
         "SchUseStrongCrypto"=dword:00000001
      

       For 32-bit applications on x64-based systems:

          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
          "SchUseStrongCrypto"=dword:00000001
      
    2. Run regedit.exe.

    3. In Registry Editor, click the File menu and then click Import.

    4. Navigate to and select the strongcrypto35-enable.reg file that you created in the first step. (Note If your file is not listed where you expect it to be, ensure that it has not been automatically given a .txt file extension, or change the dialog’s file extension parameters to All Files).

    5. Click Open and then click OK

    6. Exit Registry Editor and restart the system.

 

  • Manually disable RC4 in TLS on systems running .NET Framework 4.5/4.5.1/4.5.2

    Despite the fact that an update is available for systems running .NET Framework 4.5/4.5.1/4.5.2, the following steps are primarily for customers with .NET Framework 4.5/4.5.1/4.5.2 applications running on systems with .NET Framework 4.6 present. For customers running only .NET Framework 4.5, 4.5.1, or 4.5.2, the manual steps serve as an optional alternative to installing the available update.

    Note These steps require the use of Registry Editor. Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.

    1. Create a text file named strongcrypto4-enable.reg that contains the following text:   For 32-bit applications on 32-bit systems and 64-bit applications on x64-based systems:

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
          "SchUseStrongCrypto"=dword:00000001
      

      For 32-bit applications on x64-based systems:

          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319
          "SchUseStrongCrypto"=dword:00000001
      
    2. Run regedit.exe.

    3. In Registry Editor, click the File menu and then click Import.

    4. Navigate to and select the strongcrypto4-enable.reg file that you created in the first step. (Note If your file is not listed where you expect it to be, ensure that it has not been automatically given a .txt file extension, or change the dialog’s file extension parameters to All Files).

    5. Click Open and then click OK

    6. Exit Registry Editor and restart the system.

 

Additional Suggested Actions

  • Protect your PC

    We continue to encourage customers to follow our Protect Your Computer guidance of enabling a firewall, getting software updates and installing antivirus software. For more information, see Microsoft Safety & Security Center.

  • Keep Microsoft Software Updated

    Users running Microsoft software should apply the latest Microsoft security updates to help make sure that their computers are as protected as possible. If you are not sure whether your software is up to date, visit Microsoft Update, scan your computer for available updates, and install any high-priority updates that are offered to you. If you have automatic updating enabled and configured to provide updates for Microsoft products, the updates are delivered to you when they are released, but you should verify that they are installed.

Security Update Deployment

Windows 7 (all editions)

Reference Table

The following table contains the security update information for this software.

|**Inclusion in Future Service Packs**|The update for this issue will be included in a future service pack or update rollup| |------------|------------| |**Security update file name**|For Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1:\ **Windows6.1-KB2898851-x86.msu**| |\ |For Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems Service Pack 1:\ **NDP40-KB2938780-x86.exe**| |\ |For Microsoft .NET Framework 4.5 when installed on Windows 7 for 32-bit Systems Service Pack 1:\ **NDP45-KB2938782-x86.exe**| |\ |For Microsoft .NET Framework 4.5.1 when installed on Windows 7 for 32-bit Systems Service Pack 1:\ **NDP45-KB2938782-x86.exe**| |\ |For Microsoft .NET Framework 4.5.2 when installed on Windows 7 for 32-bit Systems Service Pack 1:\ **NDP45-KB2954853-x86.exe**| |\ |For Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1:\ **Windows6.1-KB2898851-x64.msu**| |\ |For Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems Service Pack 1:\ **NDP40-KB2938780-x64.exe**| |\ |For Microsoft .NET Framework 4.5 when installed on Windows 7 for x64-based Systems Service Pack 1:\ **NDP45-KB2938782-x64.exe**| |\ |For Microsoft .NET Framework 4.5.1 when installed on Windows 7 for x64-based Systems Service Pack 1:\ **NDP45-KB2938782-x64.exe**| |\ |For Microsoft .NET Framework 4.5.2 when installed on Windows 7 for x64-based Systems Service Pack 1:\ **NDP45-KB2954853-x64.exe**| |**Installation switches**|See [Microsoft Knowledge Base Article 2844699](https://support.microsoft.com/kb/2844699)| |**Update log file**|For Microsoft .NET Framework 3.5.1:\ Not applicable| |\ |For Microsoft .NET Framework 4:\ KB2938780_*_*-Microsoft .NET Framework 4 Client Profile-MSP0.txt\ KB2938780_*_*.html| |\ |For Microsoft .NET Framework 4.5:\ KB2938782_*_*-Microsoft .NET Framework 4.5-MSP0.txt\ KB2938782_*_*.html| |\ |For Microsoft .NET Framework 4.5.1:\ KB2938782_*_*-Microsoft .NET Framework 4.5.1-MSP0.txt\ KB2938782_*_*.html| |\ |For Microsoft .NET Framework 4.5.2:\ KB2954853_*_*-Microsoft .NET Framework 4.5.2-MSP0.txt\ KB2954853_*_*.html| |**Restart requirement**|This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.| |**Removal information**|Click **Control Panel**, click **System and Security**, and then under **Windows Update**, click **View installed updates** and select from the list of updates.| |**File information**|See [Microsoft Knowledge Base Article 2960358](https://support.microsoft.com/kb/2960358)| |**Registry key verification**|For Microsoft .NET Framework 3.5.1:\ Note A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.| |\ |For Microsoft .NET Framework 4 when installed on all supported 32-bit editions of Windows 7:\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4 Client Profile\KB2938780\ "ThisVersionInstalled" = "Y"| |\ |For Microsoft .NET Framework 4 when installed on all supported x64-based editions of Windows 7:\ HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Updates\Microsoft .NET Framework 4 Client Profile\KB2938780\ "ThisVersionInstalled" = "Y"| |\ |For Microsoft .NET Framework 4.5:\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.5\KB2938782\ "ThisVersionInstalled" = "Y"| |\ |For Microsoft .NET Framework 4.5.1:\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.5.1\KB2938782\ "ThisVersionInstalled" = "Y"| |\ |For Microsoft .NET Framework 4.5.2:\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.5.2\KB2954853\ "ThisVersionInstalled" = "Y"|

Windows Server 2008 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

|**Inclusion in Future Service Packs**|The update for this issue will be included in a future service pack or update rollup| |------------|------------| |**Security update file name**|For Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1:\ **Windows6.1-KB2898851-x64.msu**| |\ |For Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1:\ **NDP40-KB2938780-x64.exe**| |\ |For Microsoft .NET Framework 4.5 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1:\ **NDP45-KB2938782-x64.exe**| |\ |For Microsoft .NET Framework 4.5.1 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1:\ **NDP45-KB2938782-x64.exe**| |\ |For Microsoft .NET Framework 4.5.2 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1:\ **NDP45-KB2954853-x64.exe**| |\ |For Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:\ **Windows6.1-KB2898851-ia64.msu**| |\ |For Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:\ **NDP40-KB2938780-IA64.exe**| |**Installation switches**|See [Microsoft Knowledge Base Article 2844699](https://support.microsoft.com/kb/2844699)| |**Update log file**|For Microsoft .NET Framework 3.5.1:\ Not applicable| |\ |For Microsoft .NET Framework 4:\ KB2938780_*_*-Microsoft .NET Framework 4 Client Profile-MSP0.txt\ KB2938780_*_*.html| |\ |For Microsoft .NET Framework 4.5:\ KB2938782_*_*-Microsoft .NET Framework 4.5-MSP0.txt\ KB2938782_*_*.html| |\ |For Microsoft .NET Framework 4.5.1:\ KB2938782_*_*-Microsoft .NET Framework 4.5.1-MSP0.txt\ KB2938782_*_*.html| |\ |For Microsoft .NET Framework 4.5.2:\ KB2954853_*_*-Microsoft .NET Framework 4.5.2-MSP0.txt\ KB2954853_*_*.html| |**Restart requirement**|This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.| |**Removal information**|Click **Control Panel**, click **System and Security**, and then under **Windows Update**, click **View installed updates** and select from the list of updates.| |**File information**|See [Microsoft Knowledge Base Article 2960358](https://support.microsoft.com/kb/2960358)| |**Registry key verification**|For Microsoft .NET Framework 3.5.1:\ **Note** A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.| |\ |For Microsoft .NET Framework 4:\ HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Updates\Microsoft .NET Framework 4 Client Profile\KB2938780\ "ThisVersionInstalled" = "Y"| |\ |For Microsoft .NET Framework 4.5:\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.5\KB2938782\ "ThisVersionInstalled" = "Y"| |\ |For Microsoft .NET Framework 4.5.1:\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.5.1\KB2938782\ "ThisVersionInstalled" = "Y"| |\ |For Microsoft .NET Framework 4.5.2:\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 4.5.2\KB2954853\ "ThisVersionInstalled" = "Y"|

Windows 8 (all editions) and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.

|**Inclusion in Future Service Packs**|The update for this issue will be included in a future service pack or update rollup| |------------|------------| |**Security update file name**|For Microsoft .NET Framework 3.5 on Windows 8 for 32-bit Systems:\ **Windows8-RT-KB2898845-x86.msu**| |\ |For Microsoft .NET Framework 4.5 on Windows 8 for 32-bit Systems:\ **Windows8-RT-KB2898849-x86.msu**| |\ |For Microsoft .NET Framework 4.5.1 on Windows 8 for 32-bit Systems:\ **Windows8-RT-KB2898849-x86.msu**| |\ |For Microsoft .NET Framework 4.5.2 on Windows 8 for 32-bit Systems:\ **Windows8-RT-KB2898849-x86.msu**| |\ |For Microsoft .NET Framework 3.5 on Windows 8 for 64-bit Systems:\ **Windows8-RT-KB2898845-x64.msu**| |\ |For Microsoft .NET Framework 4.5 on Windows 8 for 64-bit Systems:\ **Windows8-RT-KB2898849-x64.msu**| |\ |For Microsoft .NET Framework 4.5.1 on Windows 8 for 64-bit Systems:\ **Windows8-RT-KB2898849-x64.msu**| |\ |For Microsoft .NET Framework 4.5.2 on Windows 8 for 64-bit Systems:\ **Windows8-RT-KB2898849-x64.msu**| |\ |For Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit Systems:\ **Windows8.1-KB2898847-x86.msu**| |\ |For Microsoft .NET Framework 4.5.1 on Windows 8.1 for 32-bit Systems:\ **Windows8.1-KB2898850-x86.msu**| |\ |For Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit Systems:\ **Windows8.1-KB2898850-x86.msu**| |\ |For Microsoft .NET Framework 3.5 on Windows 8.1 for 64-bit Systems:\ **Windows8.1-KB2898847-x64.msu**| |\ |For Microsoft .NET Framework 4.5.1 on Windows 8.1 for 64-bit Systems:\ **Windows8.1-KB2898850-x64.msu**| |\ |For Microsoft .NET Framework 4.5.2 on Windows 8.1 for 64-bit Systems:\ **Windows8.1-KB2898850-x64.msu**| |**Installation switches**|See [Microsoft Knowledge Base Article 2844699](https://support.microsoft.com/kb/2844699)| |**Restart requirement**|This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.| |**Removal information**|Click **Control Panel**, click **System and Security**, click **Windows Update**, and then under **See also**, click **Installed updates** and select from the list of updates.| |**File information**|See [Microsoft Knowledge Base Article 2960358](https://support.microsoft.com/kb/2960358)| |**Registry key verification**|For Microsoft .NET Framework 3.5:\ **Note** A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.| |\ |For Microsoft .NET Framework 4.5:\ **Note** A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.| |\ |For Microsoft .NET Framework 4.5.1:**Note** A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.| |\ |For Microsoft .NET Framework 4.5.2:**Note** A registry key does not exist to validate the presence of this update. Use WMI to detect for the presence of this update.|

Windows Server 2012 (all editions) and Windows Server 2012 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

|**Inclusion in Future Service Packs**|The update for this issue will be included in a future service pack or update rollup| |------------|------------| |**Security update file name**|For Microsoft .NET Framework 3.5 on Windows Server 2012:\ **Windows8-RT-KB2898845-x64.msu**| |\ |For Microsoft .NET Framework 4.5 on Windows Server 2012:\ **Windows8-RT-KB2898849-x64.msu**| |\ |For Microsoft .NET Framework 4.5.1 on Windows Server 2012:\ **Windows8-RT-KB2898849-x64.msu**| |\ |For Microsoft .NET Framework 4.5.2 on Windows Server 2012:\ **Windows8-RT-KB2898849-x64.msu**| |\ |For Microsoft .NET Framework 3.5 on Windows Server 2012 R2:\ **Windows8.1-KB2898847-x64.msu**| |\ |For Microsoft .NET Framework 4.5.1 on Windows Server 2012 R2:\ **Windows8.1-KB2898850-x64.msu**| |\ |For Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2:\ **Windows8.1-KB2898850-x64.msu**| |**Installation switches**|See [Microsoft Knowledge Base Article 2844699](https://support.microsoft.com/kb/2844699)| |**Restart requirement**|This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.| |**Removal information**|Click **Control Panel**, click **System and Security**, click **Windows Update**, and then under **See also**, click Installed updates and select from the list of updates.| |**File information**|See [Microsoft Knowledge Base Article 2960358](https://support.microsoft.com/kb/2960358)| |**Registry key verification**|**Note** A registry key does not exist to validate the presence of this update.|

Windows RT (all editions) and Windows RT 8.1 (all editions)

The following table contains the security update information for this software.

|**Deployment**|For Microsoft .NET Framework 4.5, 4.5.1, and 4.5.2 on Windows RT:\ Update 2898849 is available from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?linkid=21129).| |------------|------------| |\ |For Microsoft .NET Framework 4.5.1 and 4.5.1 on Windows RT 8.1:\ Update 2898850 is available from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?linkid=21129).| |**Restart Requirement**|A system restart is required after applying this security update.| |**Removal Information**|Click **Control Panel**, click **System and Security**, click **Windows Update**, and then under **See also**, click **Installed updates** and select from the list of updates.| |**File Information**|See [Microsoft Knowledge Base Article 2960358](https://support.microsoft.com/kb/2960358)|

Other Information

Microsoft Active Protections Program (MAPP)

To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release. Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion prevention systems. To determine whether active protections are available from security software providers, please visit the active protections websites provided by program partners, listed in Microsoft Active Protections Program (MAPP) Partners.

Feedback

Support

Disclaimer

The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

  • V1.0 (May 13, 2014): Advisory published.
  • V1.1 (June 19, 2014): Added link to Microsoft Knowledge Base Article 2978675 under Known Issues in the Executive Summary.
  • V1.2 (July 8, 2014): Advisory revised to announce a Microsoft Update Catalog detection change for the updates requiring installation of the 2868725 prerequisite update.**This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
  • V2.0 (October 13, 2015): Advisory revised to broaden the affected software list to include Windows 10 systems that are running .NET Framework 3.5 applications and systems with .NET Framework 4.6 installed that are running .NET Framework 4.5/4.5.1/4.5.2 applications, and to provide customers running these configurations with steps for manually disabling RC4 in TLS. See the Affected Software and Suggested Actions sections of this advisory for more information.

Page generated 2015-10-14 12:37-07:00.