MS15-007: Vulnerability in Network Policy Server RADIUS implementation could cause denial of service: January 13, 2015

View products that this article applies to.

Summary

This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow denial of service on Internet Authentication Service (IAS) or Network Policy Server (NPS) if an attacker sends specially crafted username strings to IAS or NPS. Although the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights, it could prevent Remote Authentication Dial-in User Service (RADIUS) authentication on IAS or NPS.

↑ Back to the top

Introduction

Microsoft has released security bulletin MS15-007. To learn more about this security bulletin:

Home users:
https://www.microsoft.com/security/pc-security/updates.aspx
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
https://update.microsoft.com/microsoftupdate/
IT professionals:
https://technet.microsoft.com/library/security/MS15-007

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top

More Information

Security update deployment information

Windows Server 2003 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2003: WindowsServer2003-KB3014029-x86-ENU.exe
	For all supported x64-based editions of Windows Server 2003: WindowsServer2003-KB3014029-x64-ENU.exe
	For all supported Itanium-based editions of Windows Server 2003: WindowsServer2003-KB3014029-ia64-ENU.exe
Installation switches	See Microsoft Knowledge Base Article 934307
Update log file	KB3014029.log
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	Use Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB3014029$\Spuninst folder
File information	See the file information section.
Registry key verification	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3014029\Filelist

Windows Server 2008 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2008: Windows6.0-KB3014029-x86.msu
	For all supported x64-based editions of Windows Server 2008: Windows6.0-KB3014029-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported x64-based editions of Windows Server 2008 R2: Windows6.1-KB3014029-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported editions of Windows Server 2012: Windows8-RT-KB3014029-x64.msu
	For all supported editions of Windows Server 2012 R2: Windows8.1-KB3014029-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

↑ Back to the top

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information

The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Iassam.dll	5.2.3790.5513	214,016	09-Jan-2015	18:10	x64	SP2	SP2QFE
Wiassam.dll	5.2.3790.5513	134,144	09-Jan-2015	18:10	x86	SP2	SP2QFE\WOW

For all supported x86-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Iassam.dll	5.2.3790.5513	134,144	09-Jan-2015	18:02	x86	SP2	SP2QFE

For all supported IA-64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Iassam.dll	5.2.3790.5513	428,032	09-Jan-2015	18:09	IA-64	SP2	SP2QFE
Wiassam.dll	5.2.3790.5513	134,144	09-Jan-2015	18:09	x86	SP2	SP2QFE\WOW

Windows Server 2008 file information

The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.0.6002.18xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 GDR
6.0.6002.23xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Version	Product	Milestone	Service branch
6.0.6002.18xxx	Windows Vista SP2 and Windows Server 2008 SP2	SP2	GDR
6.0.6002.23xxx	Windows Vista SP2 and Windows Server 2008 SP2	SP2	LDR

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Server 2008

File name	File version	File size	Date	Time	Platform
Iassam.dll	6.0.6002.19250	182,784	06-Dec-2014	03:14	x86
Iassam.dll	6.0.6002.23557	182,784	06-Dec-2014	02:50	x86

For all supported x64-based versions of Windows Server 2008

File name	File version	File size	Date	Time	Platform
Iassam.dll	6.0.6002.19250	242,688	06-Dec-2014	02:53	x64
Iassam.dll	6.0.6002.23557	242,688	06-Dec-2014	02:35	x64
Iassam.dll	6.0.6002.19250	182,784	06-Dec-2014	03:14	x86
Iassam.dll	6.0.6002.23557	182,784	06-Dec-2014	02:50	x86

Windows Server 2008 R2 file information

The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.1.7601.18xxx Windows Server 2008 R2 SP1 GDR
6.1.7601.22xxx Windows Server 2008 R2 SP1 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Version	Product	Milestone	Service branch
6.1.7601.18xxx	Windows Server 2008 R2	SP1	GDR
6.1.7601.22xxx	Windows Server 2008 R2	SP1	LDR

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x64-based versions of Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Iassam.dll	6.1.7601.18685	254,976	06-Dec-2014	04:17	x64
Iassam.dll	6.1.7601.22893	254,976	06-Dec-2014	04:31	x64
Iassam.dll	6.1.7601.18685	193,024	06-Dec-2014	03:50	x86
Iassam.dll	6.1.7601.22893	193,024	06-Dec-2014	04:18	x86

Windows Server 2012 file information

The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.2.920 0.16 xxx Windows Server 2012 RTM GDR
6.2.920 0.20 xxx Windows Server 2012 RTM LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Version	Product	Milestone	Service branch
6.2.920 0.16 xxx	Windows Server 2012	RTM	GDR
6.2.920 0.20 xxx	Windows Server 2012	RTM	LDR

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x64-based versions of Windows Server 2012

File name	File version	File size	Date	Time	Platform
Iassam.dll	6.2.9200.17199	276,480	06-Dec-2014	07:51	x64
Iassam.dll	6.2.9200.21316	276,480	06-Dec-2014	06:40	x64
Iassam.dll	6.2.9200.17199	219,136	06-Dec-2014	06:09	x86
Iassam.dll	6.2.9200.21316	219,136	06-Dec-2014	05:40	x86

Windows Server 2012 R2 file information

For all supported x64-based versions of Windows Server 2012 R2

File name	File version	File size	Date	Time	Platform
Iassam.dll	6.3.9600.17549	276,480	05-Dec-2014	02:56	x64
Iassam.dll	6.3.9600.17549	223,232	05-Dec-2014	02:18	x86

File hash information

File name	SHA1 hash	SHA256 hash
Windows6.0-KB3014029-x64.msu	8367186BF158C74AE5F176B2136ED6213E949B28	190E739BC249F486AA44E75293C963D87C40B000766C15859908AE21AD90BA63
Windows6.0-KB3014029-x86.msu	AC897528668CC9DF75CC2598F5D8312675B2DF7E	691EE1C8E6A383EDCF31B55575DC72229559CF7ED1C41CB824346214BB2DC1E0
Windows6.1-KB3014029-x64.msu	29C3C54F6D9AA4E7A0E9D1B6521ABA14A628EDE8	E6F354DD2C5822DFFAD40F2F253371EF5D26D19E30992045A7DED78438AD0D1D
Windows8.1-KB3014029-x64.msu	C1F9AE30F63328DC8974C1D69C58EBE4E1BB7F18	818DEE842804E4656EC935046FE7A020E9FA9958591F7BC9E8DF3C1E27D32FE4
Windows8-RT-KB3014029-x64.msu	9FC74C8A48202C3C1E2EE2131E0C0D78EE0B2950	1CB7500CEEA3DE1B128FBA59947CB8F41A3899FFCC0A495D1EF9066397E8D73C
WindowsServer2003-KB3014029-ia64-DEU.exe	FFFB881F5C2A63175C42A5FA895EAFFB4AF05E68	118A74EE2B298735FE90C629959E1F3410A6F61B62F64B9D463E51A975DF2AA3
WindowsServer2003-KB3014029-ia64-ENU.exe	A574C9731160CEEA0721A322ED01DA682AF5CB43	366BB2B8A9C93D5E19DBF4C10CC6B5D47FC600801A0A11152F0E3B575C9B4B99
WindowsServer2003-KB3014029-ia64-ENU.exe	F01E900E783C2427470171E1A7D666F21A986D1B	7F534C06A554E8DB0EC13A6EC362A7F7DF35C7435195B6BFB8A8EE9B14B1BF33
WindowsServer2003-KB3014029-ia64-FRA.exe	D4FBFE7FCA1BB3E66606DED2E08ACD0916904346	36714B211E3817F3882AA7AB625AB483AAA8D290180F1EA3DC4AEFE9F7DBCBCF
WindowsServer2003-KB3014029-ia64-JPN.exe	C9E9AA86C9139CD70335A667D89FF14DA2B2FF4D	B08410886A5B14AF4A47FF12CD5AE62FCA9A8F458734D48353E7FF0387D6AE41
WindowsServer2003-KB3014029-x64-CHS.exe	50261C7B60CD26ED9569FA1D178655B8CD4F1C14	C06F02242D5904781C2F7262394F8E3B4F9F130CFEB41794554B8D8BB054B8B1
WindowsServer2003-KB3014029-x64-CHT.exe	F87A1CA1C9E5584A450FBD3DF0C8C8DD7EF7A4DB	E0E48AE3BAB89ED37248A9BD1847A9BFBF1A8339BB5ADF31CBCF7C60C6C93DCD
WindowsServer2003-KB3014029-x64-DEU.exe	8A7CB9172121035EFD3486AA5DD92577CB9FFFC0	A63A92DAF90A2CD41F497D2E438CF32313D1867881F1FA316264A089798A5351
WindowsServer2003-KB3014029-x64-ENU.exe	EF0E811FDA83C45CA55D9ED29AE38A768D44CE9C	2251364E7BFA76179ABEE6A293D2D62B4F49767371EE6CCA150E5EE777E46B2E
WindowsServer2003-KB3014029-x64-ESN.exe	5E5F67FAB1BBB07DF22DEA49B7BEBBEF4C4AF397	B9224FCA92C3AB274E146789FD171BF0E4C04DDFB663457A2B52668B6598591B
WindowsServer2003-KB3014029-x64-FRA.exe	4978A16B5CFE0CA742925CD0721ABA069F97A9D4	85B48F4EE9990DC384E742D9FBD459102EFDECC4457B21797726248F8E2BEC23
WindowsServer2003-KB3014029-x64-ITA.exe	DB3A949D51ADD5F7E98603928A4142B406FF4F8A	0CD06CEA3BD829380B40969BFA5986BDE26D0ACF6D36699F37C0581DA7F42F64
WindowsServer2003-KB3014029-x64-JPN.exe	E0A9AB9E5BC6FC5A026ECEE1F2AC88B30CA06A5F	AB17ADC748CDEDE73ACB92360D344F5840832F055AFF8DE73B6FD5AD69C6ACCA
WindowsServer2003-KB3014029-x64-KOR.exe	B53EFA843692C11B7C7E4A39FD8A9727E602EC77	B19C3073A15027DB68D8606A83C5AF49D985B22F862CC781FF9D11BFD1136F72
WindowsServer2003-KB3014029-x64-PTB.exe	9594C594EB64BF76601EBE0DD513EF31F32E915A	C2843E728F37ADECF1BB118A7C6294F84B8B2ECC6EE09F7C46731A0246F882B3
WindowsServer2003-KB3014029-x64-RUS.exe	9C22CC6B6649110EA44235304303359B9BCBDD2A	0C070CC5A9DCC5470F7E9F62706C888BC640F53BE4F0704114CD2222AF5E9249
WindowsServer2003-KB3014029-x86-CHS.exe	D7CF01235383F081185AF2D26B26C23A7929893F	7C9F221761AF2764841D576B648D33F2C38047D7038D22BE07EFC4FE216C4166
WindowsServer2003-KB3014029-x86-CHT.exe	D666BB9BEEF4092037A7E8E1B126AE7A7C45988E	23D99DBA3281010BAC5B472E5545F454CE498789DA8009F425DEEFD8DFA493A0
WindowsServer2003-KB3014029-x86-CSY.exe	992D61458F24196E1A4EE9012B473DF6E79A384F	04B7F866A5C2A88C236D70E26021FF9D9C9B512D7A14269D7898DD1247BCD494
WindowsServer2003-KB3014029-x86-DEU.exe	9BC0DF6BED3AEF7246E359B0F9EE6116698CED6D	0234C6C54D29A870727905101657462D85E6FE35D7ED31A906C41E35382077D4
WindowsServer2003-KB3014029-x86-ENU.exe	0C811F7E5FF15C7DA4A06C9F14F3F32040967D69	235070C4C73DDAA338CC189A402BC151CA552AF0F5663C4674367C74884CA9C9
WindowsServer2003-KB3014029-x86-ENU.exe	87A14DFC403B4E01532CEB640B3EB975BE2F15F9	E359C4BE229F90D491CE7326CDED06F8B02A3A64D792452E74E507B57B7E9F60
WindowsServer2003-KB3014029-x86-ESN.exe	230CA30B098570F8EE432D794DCB6445A8D7936B	4341B9DA9DE0FFED30EDA67BA3429FF9A8881430AD95CD3D2552C970923D773C
WindowsServer2003-KB3014029-x86-FRA.exe	639BA56E558A2A06BB5F87FFAAA3CFA50BD24CE2	6A24872425A1EF2771F3E42F8E297F8867955331C5BB283399949C7C90003632
WindowsServer2003-KB3014029-x86-HUN.exe	2381324BC47EF194D9E358C187DEA1A7B058E293	6E9D264A207CA8F800D912CA24750E2006541E42143BAAB9FA6352E5B45B84E9
WindowsServer2003-KB3014029-x86-ITA.exe	7ABF9EE4DDE9A16851EEB8D6FD8806D2F4EB8B91	10A28CEEF485F91EDDC967A50DC0EDA2DD3A3E53CD8235B67EA693B139772906
WindowsServer2003-KB3014029-x86-JPN.exe	85CF08B54E607BCE41520F3A6ED05546DF813731	CE2FB4A945A4ECC3DC030436DBC28526B7CC2A7471B93B916AC6E896FDA3F811
WindowsServer2003-KB3014029-x86-KOR.exe	36E839ABE983B8B0CA9701CC33BEDE0B3714F04A	F160179689468BC32E257DFC91A3E18DDA7844CFA38DAFD7C227AB031161F02F
WindowsServer2003-KB3014029-x86-NLD.exe	D0E42BAC7C2C3D0E97A459C9E8DE4E620DAE70EB	70BDE9331EB60EEE3683EFEF965F8F3CBC2240EACBEEB99728D375D62A58810F
WindowsServer2003-KB3014029-x86-PLK.exe	9DC12643972115E55D29404104455B04394DFC29	E39452D299082E59404F894E7EBFA0D0369931E521908043F83217E6F3EFAAD6
WindowsServer2003-KB3014029-x86-PTB.exe	2644A7C34CDC793A6CBC2FF0C79E57C1BEE80F09	87FA2B6717B580E4C469E801A3D973D715D3660EA70E8318122E59D0AF9AD698
WindowsServer2003-KB3014029-x86-PTG.exe	BA3660747DDC37EFB122499D39A0311F990C8996	0B7A52107AA11C9F0530E58F8A1CB1FA6CD1BBAAE9163E40F05DAB35470A453A
WindowsServer2003-KB3014029-x86-RUS.exe	4E14F2B735E1352F8B1CB9AA4D11473C82EF2C49	012308121F6FAD54B3BA1E7940E2DBDAD9AE05F46E778493F92DE9B89974A64D
WindowsServer2003-KB3014029-x86-SVE.exe	A155C8D824C14334EB87AF8F1A86D5ED1429D049	A68D6C88B40ABD3B1E5A56B1B3A5E3E9E698DD4337611E457C78C3063722C4F7
WindowsServer2003-KB3014029-x86-TRK.exe	CBD2937E995773F20297F213D16927BFF9D9A755	AFBA13F90DBA2376AE3584D4475856CF95176299D16C4BC63BA2C27F115A151D

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info

Article ID	:	3014029
Revision	:	1
Created on	:	1/7/2017
Published on	:	1/13/2015
Exists online	:	False
Views	:	288

Microsoft KB Archive Search

MS15-007: Vulnerability in Network Policy Server RADIUS implementation could cause denial of service: January 13, 2015

Summary

Introduction

How to obtain help and support for this security update

More Information

Windows Server 2003 (all editions)

Windows Server 2008 (all editions)

Windows Server 2008 R2 (all editions)

Windows Server 2012 and Windows Server 2012 R2 (all editions)

File information

For all supported x64-based versions of Windows Server 2003

For all supported x86-based versions of Windows Server 2003

For all supported IA-64-based versions of Windows Server 2003

For all supported x86-based versions of Windows Server 2008

For all supported x64-based versions of Windows Server 2008

For all supported x64-based versions of Windows Server 2008 R2

For all supported x64-based versions of Windows Server 2012

For all supported x64-based versions of Windows Server 2012 R2

Applies to: