Microsoft Security Bulletin MS15-010 - Critical

Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220)

Published: February 10, 2015 | Updated: February 18, 2015

Version: 1.1

This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or visit an untrusted website that contains embedded TrueType fonts.

This security update is rated Critical for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1; it is rated Important for all supported editions of Windows Server 2003, Windows Vista, and Windows Server 2008. For more information, see the Affected Software section.

The security update addresses the vulnerabilities by correcting how the Windows kernel-mode driver validates certain parameters against registered objects, validates and enforces impersonation levels, handles objects in memory, validates data returned from user mode functions before being executed, handles TrueType Font error checking, and checks font widths prior to loading fonts into memory. For more information about the vulnerability, see the Vulnerability Information section.

For more information about this update, see Microsoft Knowledge Base Article 3036220.

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.

Operating System

Maximum Security Impact

Aggregate Severity Rating

Updates Replaced

Windows Server 2003

Windows Server 2003 Service Pack 2
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2003 Service Pack 2
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Server 2003 x64 Edition Service Pack 2
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2003 x64 Edition Service Pack 2
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Server 2003 with SP2 for Itanium-based Systems
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2003 with SP2 for Itanium-based Systems
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Vista

Windows Vista Service Pack 2
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Vista Service Pack 2
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Vista x64 Edition Service Pack 2
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Vista x64 Edition Service Pack 2
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Server 2008

Windows Server 2008 for 32-bit Systems Service Pack 2
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2008 for 32-bit Systems Service Pack 2
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Server 2008 for x64-based Systems Service Pack 2
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2008 for x64-based Systems Service Pack 2
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Server 2008 for Itanium-based Systems Service Pack 2
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2008 for Itanium-based Systems Service Pack 2
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows 7

Windows 7 for 32-bit Systems Service Pack 1
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows 7 for 32-bit Systems Service Pack 1
(3023562)

Security Feature Bypass

Important

2785220 in MS13-006

Windows 7 for x64-based Systems Service Pack 1
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows 7 for x64-based Systems Service Pack 1
(3023562)

Security Feature Bypass

Important

2785220 in MS13-006

Windows Server 2008 R2

Windows Server 2008 R2 for x64-based Systems Service Pack 1
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows Server 2008 R2 for x64-based Systems Service Pack 1
(3023562)

Security Feature Bypass

Important

2785220 in MS13-006

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(3023562)

Security Feature Bypass

Important

2785220 in MS13-006

Windows 8 and Windows 8.1

Windows 8 for 32-bit Systems
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows 8 for 32-bit Systems
(3023562)

Security Feature Bypass

Important

None

Windows 8 for x64-based Systems
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows 8 for x64-based Systems
(3023562)

Security Feature Bypass

Important

None

Windows 8.1 for 32-bit Systems
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows 8.1 for 32-bit Systems
(3023562)

Security Feature Bypass

Important

None

Windows 8.1 for x64-based Systems
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows 8.1 for x64-based Systems
(3023562)

Security Feature Bypass

Important

None

Windows Server 2012 and Windows Server 2012 R2

Windows Server 2012
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows Server 2012
(3023562)

Security Feature Bypass

Important

None

Windows Server 2012 R2
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows Server 2012 R2
(3023562)

Security Feature Bypass

Important

None

Windows RT and Windows RT 8.1

Windows RT[1]
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows RT[1]
(3023562)

Security Feature Bypass

Important

3003743 in MS14-074

Windows RT 8.1[1]
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows RT 8.1[1]
(3023562)

Security Feature Bypass

Important

3003743 in MS14-074

Server Core installation option

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
(3013455)

Elevation of Privilege

Important

3002885 in MS14-079

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
(3023562)

Security Feature Bypass

Important

2992611 in MS14-066

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(3023562)

Security Feature Bypass

Important

2785220 in MS13-006

Windows Server 2012 (Server Core installation)
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows Server 2012 (Server Core installation)
(3023562)

Security Feature Bypass

Important

None

Windows Server 2012 R2 (Server Core installation)
(3013455)

Remote Code Execution

Critical

3002885 in MS14-079

Windows Server 2012 R2 (Server Core installation)
(3023562)

Security Feature Bypass

Important

None

Note The 3013455 update is available for Windows Technical Preview and Windows Server Technical Preview. Customers running these operating systems are encouraged to apply the update via Windows Update.

[1]This update is available via Windows Update only.

For the 3013455 update, why are there two packages on the Microsoft Download Center pages for affected editions of Windows Server 2003, Windows Server 2008, and Windows Vista? 
An additional, non-security update was implemented for affected editions of Windows Server 2003, Windows Server 2008, and Windows Vista to address problems with text quality degradation that some customers experienced after installing the 3013455 update. Note that the additional package (3037639) is not needed to be protected from the vulnerabilities addressed by the 3013455 update; it simply corrects the text quality problem. Customers should also be aware that the 3037639 update does require a system restart after installation.

The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the February bulletin summary.

Vulnerability Severity Rating and Maximum Security Impact by Affected Software

Affected Software

Win32k Elevation of Privilege Vulnerability - CVE-2015-0003

CNG Security Feature Bypass Vulnerability - CVE-2015-0010

Win32k Elevation of Privilege Vulnerability - CVE-2015-0057

Windows Cursor Object Double Free Vulnerability - CVE-2015-0058

TrueType Font Parsing Remote Code Execution Vulnerability - CVE-2015-0059

Windows Font Driver Denial of Service Vulnerability - CVE-2015-0060

Aggregate Severity Rating


(3013455)

(3023562)

(3013455)

(3013455)

(3013455)

(3013455)


Windows Server 2003

Windows Server 2003 Service Pack 2

Important 
Elevation of Privilege

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Server 2003 x64 Edition Service Pack 2

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Server 2003 with SP2 for Itanium-based Systems

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Vista

Windows Vista Service Pack 2

Important 
Elevation of Privilege

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Vista x64 Edition Service Pack 2

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Server 2008

Windows Server 2008 for 32-bit Systems Service Pack 2

Important 
Elevation of Privilege

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Server 2008 for x64-based Systems Service Pack 2

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Server 2008 for Itanium-based Systems Service Pack 2

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows 7

Windows 7 for 32-bit Systems Service Pack 1

Important 
Elevation of Privilege

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows 7 for x64-based Systems Service Pack 1

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows Server 2008 R2

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows 8 and Windows 8.1

Windows 8 for 32-bit Systems

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows 8 for x64-based Systems

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows 8.1 for 32-bit Systems

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Important 
Elevation of Privilege

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows 8.1 for x64-based Systems

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Important 
Elevation of Privilege

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows Server 2012 and Windows Server 2012 R2

Windows Server 2012

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows Server 2012 R2

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Important 
Elevation of Privilege

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows RT and Windows RT 8.1

Windows RT[1]

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows RT 8.1[1]

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Important 
Elevation of Privilege

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Server Core installation option

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Important 
Elevation of Privilege

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Not applicable

Moderate 
Denial of Service

Important 

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows Server 2012 (Server Core installation)

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Not applicable

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

Windows Server 2012 R2 (Server Core installation)

Moderate 
Denial of Service

Important 
Security Feature Bypass

Important 
Elevation of Privilege

Important 
Remote Code Execution

Critical 
Remote Code Execution

Moderate 
Denial of Service

Critical 

[1]This update is available via Windows Update only.

Win32k Elevation of Privilege Vulnerability - CVE-2015-0003

An elevation of privilege vulnerability exists in the Windows kernel-mode driver (Win32k.sys) that is caused when it improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. The update addresses the vulnerability by correcting how the kernel-mode driver validates certain parameters against registered objects.

Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Mitigating Factors

The following mitigating factors may be helpful in your situation:

  • An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

Workarounds

The following workarounds may be helpful in your situation:

  • Set up a Registry entry to disable NULL page mapping (Windows 7 only)

    Note Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.

    1. Open Registry Editor.
    2. Locate and then click the following registry sub key:  
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
      
    3. On the Edit menu, click New, and then click DWORD.
    4. Type EnableLowVaAccess, and then press ENTER.
    5. On the Edit menu, click Modify to modify the EnableLowAvAccess registry entry.
    6. In the Value data box, type 0, and then click OK.
    7. Exit Registry Editor.
    8. Restart the system. 

     

    Impact of workaround. Some 16-bit applications may not work as expected.

    How to undo the workaround. 

    1. Open Registry Editor.
    2. Locate and then click the following registry sub key:  
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
      
    3. On the Edit menu, click Delete.
    4. Click Yes when prompted.
    5. Exit Registry Editor.
    6. Restart the system. 

 

CNG Security Feature Bypass Vulnerability - CVE-2015-0010

A security feature bypass vulnerability exists in the Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) when it fails to properly validate and enforce impersonation levels. An attacker could exploit this vulnerability by convincing a user to run a specially crafted application that is designed to cause CNG to improperly validate impersonation levels, potentially allowing the attacker to gain access to information beyond the access level of the local user. The security update addresses the vulnerability by correcting how the kernel-mode driver validates and enforces impersonation levels.

This vulnerability has been publicly disclosed. It has been assigned Common Vulnerability and Exposure number CVE-2015-2010. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Mitigating Factors

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

 

Win32k Elevation of Privilege Vulnerability - CVE-2015-0057

An elevation of privilege vulnerability exists in the Windows kernel-mode driver (Win32k.sys) that is caused when it improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain elevated privileges and read arbitrary amounts of kernel memory. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to elevate privileges. The update addresses the vulnerability by correcting how the kernel-mode driver handles objects in memory.

Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Mitigating Factors

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

 

Windows Cursor Object Double Free Vulnerability - CVE-2015-0058

An elevation of privilege vulnerability exists in the Windows kernel-mode driver (win32k.sys) due to a double-free condition. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to elevate privileges. The update addresses the vulnerability by correcting how the kernel-mode driver validates data returned from user mode functions before being executed.

Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Mitigating Factors

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

 

TrueType Font Parsing Remote Code Execution Vulnerability - CVE-2015-0059

A remote code execution vulnerability exists in the Windows kernel-mode driver (Win32k.sys) that is caused when it improperly handles TrueType fonts.

An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. To exploit the vulnerability, an attacker would need to convince a user to open a specially crafted document or visit an untrusted website that contains embedded TrueType Fonts. The update addresses the vulnerability by correcting how the kernel-mode driver handles TrueType fonts.

Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Mitigating Factors

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

The following workarounds may be helpful in your situation:

  • Deny access to T2EMBED.DLL

    For 32-bit systems, enter the following commands at an administrative command prompt:

    Takeown.exe /f "%windir%\system32\t2embed.dll"
    Icacls.exe "%windir%\system32\t2embed.dll" /deny everyone:(F)
    

    For 64-bit systems, enter the following commands at an administrative command prompt:

    Takeown.exe /f "%windir%\system32\t2embed.dll"
    Icacls.exe "%windir%\system32\t2embed.dll" /deny everyone:(F)
    Takeown.exe /f "%windir%\syswow64\t2embed.dll"
    Icacls.exe "%windir%\syswow64\t2embed.dll" /deny everyone:(F)
    

     

    Impact of workaround. Applications that rely on embedded font technology will fail to display properly.

    How to undo the workaround. 

    For 32-bit systems, enter the following command at an administrative command prompt:

    Icacls.exe %WINDIR%\system32\t2embed.DLL /remove:d everyone
    

    For 64-bit systems, enter the following commands at an administrative command prompt:

    Icacls.exe %WINDIR%\system32\t2embed.DLL /remove:d everyone
    Icacls.exe %WINDIR%\syswow64\t2embed.DLL /remove:d everyone
    

 

Windows Font Driver Denial of Service Vulnerability - CVE-2015-0060

A denial of service vulnerability exists in the Windows kernel-mode driver (Win32k.sys) that is caused when the Windows font mapper attempts to scale a font.

An attacker who successfully exploited this vulnerability could cause the user’s computer to stop responding. An attacker could attempt to exploit this vulnerability by convincing a user to open a malicious file or visit a malicious website link. The update addresses the vulnerability by correcting how the kernel-mode driver checks font widths prior to loading fonts into memory.

Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Mitigating Factors

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

The following workarounds may be helpful in your situation:

  • Deny access to T2EMBED.DLL

    For 32-bit systems, enter the following commands at an administrative command prompt:

    Takeown.exe /f "%windir%\system32\t2embed.dll"
    Icacls.exe "%windir%\system32\t2embed.dll" /deny everyone:(F)
    

    For 64-bit systems, enter the following commands at an administrative command prompt:

    Takeown.exe /f "%windir%\system32\t2embed.dll"
    Icacls.exe "%windir%\system32\t2embed.dll" /deny everyone:(F)
    Takeown.exe /f "%windir%\syswow64\t2embed.dll"
    Icacls.exe "%windir%\syswow64\t2embed.dll" /deny everyone:(F)
    

     

    Impact of workaround. Applications that rely on embedded font technology will fail to display properly.

    How to undo the workaround. 

    For 32-bit systems, enter the following command at an administrative command prompt:

    Icacls.exe %WINDIR%\system32\t2embed.DLL /remove:d everyone
    

    For 64-bit systems, enter the following commands at an administrative command prompt:

    Icacls.exe %WINDIR%\system32\t2embed.DLL /remove:d everyone
    Icacls.exe %WINDIR%\syswow64\t2embed.DLL /remove:d everyone
    

 

For Security Update Deployment information, see the Microsoft Knowledge Base article referenced here in the Executive Summary.

Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure. See Acknowledgments for more information.

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

  • V1.0 (February 10, 2015): Bulletin published.
  • V1.1 (February 18, 2015): Bulletin revised to add an Update FAQ that explains why there are two packages on the Microsoft Download Center pages for affected editions of Windows Server 2003, Windows Server 2008, and Windows Vista. The additional package (3037639) is not needed to be protected from the vulnerabilities addressed by the 3013455 update; it simply corrects a text quality problem that some customers experienced after installing the 3013455 update on the indicated systems.

Page generated 2015-02-18 15:39Z-08:00.
Show: