8

As you might know, Microsoft recently deployed a security update for Visual Studio: KB971090.

Among other things, this updated the Visual C Runtime DLL from version 8.0.50727.762 to 8.0.50727.4053.

So after this update, everything I compile that uses the runtime dynamically linked, gets their dependencies updated to the new runtime.

Of course, for new applications it is fine to update to the new, presumably more secure, version.

But I would also like to be able to retain the old dependency - for example, I might like to build a fixpack that only require a single DLL to be replaced (if I try to do that after the update, I will get the dreaded "This application has failed to start because the application configuration is incorrect." unless I also distribute the updated runtime).

Is there any way to do this, or will I need to retain two installations of Visual Studio: one updated and one non-updated?

iain
  • 10,798
  • 3
  • 37
  • 41
Rasmus Faber
  • 48,631
  • 24
  • 141
  • 189
  • See also: http://netscantools.blogspot.com/2009/08/security-update-for-compiler-broke-our.html – Rasmus Faber Aug 06 '09 at 12:30
  • I have a very similar question, but I am more concerned about using different version of the c runtime library in a single executable. see http://stackoverflow.com/questions/1238741/does-the-latest-visual-studio-2005-security-update-cause-c-runtime-library-issues – iain Aug 06 '09 at 13:13
  • Cool. This is now the 3rd hit on Google for KB971090. – JesperE Aug 18 '09 at 10:40

2 Answers2

6

You can specify the version by using the workaround found here

Ted.
  • 133
  • 6
3

You can turn off autogenerated manifest and include your own with the library version you need.

For example:

<dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.VC90.DebugCRT" version="9.0.21022.8" processorArchitecture="x86" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity></dependentAssembly></dependency>
Sergey Podobry
  • 7,101
  • 1
  • 41
  • 51