Archived:MS16-006 Microsoft Security Update for Silverlight

Updated Oct 19, 2020

NI does not actively maintain this document.

This content provides support for older products and technology, so you may notice outdated links or obsolete information about operating systems or other relevant products.

Reported In

Software

  • LabVIEW Base
  • TestStand
  • Measurement Studio Standard
  • LabWindows/CVI Base

Issue Details

What fixes are included in the National Instruments Distribution of Microsoft Silverlight (2016 Q2) update available in the Update Service?

Solution

You need this update if:  
  • You aren't building any deployment installers from NI software products, and you have not already installed this update from Microsoft Windows Update.  
  • You use an NI ADE (e.g., LabVIEW Installer Builder) to build deployment installers that include Microsoft Silverlight. You still need to install this update from the Update Service even if you already installed this update from the Microsoft Windows Update.   

Affected ADEs
ADEFirst Affected VersionLast Affected Version
NI TestStand20122014 SP1 (32-bit)
2014 SP1 (64-bit) 
LabWindows™/CVI™    20122015
Measurement StudioMeasurement Studio 2012 for Visual Studio 2010
Measurement Studio 2012 for Visual Studio 2008
Measurement Studio 2012 for Visual Studio 2005
Measurement Studio 2015 for Visual Studio 2013
Measurement Studio 2015 for Visual Studio 2012
Measurement Studio 2015 for Visual Studio 2010
LabVIEW20122015 SP1 

 

Additional Information

This update is delivering the same fix as the MS16-006 Microsoft Security Update for Silverlight. Microsoft states "This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. An attacker would have no way to force users to visit a compromised website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or instant message that takes users to the attacker's website."

You can obtain more information from Microsoft's KB: MS16-006: Security update for Silverlight to address remote code execution: January 12, 2016.

Patch Details
This security update addresses the following reported vulnerabilities:

CVE-2016-0034