Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-008: Vulnerability in Windows kernel mode driver could allow elevation of privilege: January 13, 2015

View products that this article applies to.

Summary

This security update resolves one privately reported vulnerability in Windows. This vulnerability could allow elevation of privileges if an attacker runs a specially crafted application on an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

↑ Back to the top

Introduction

Microsoft has released security bulletin MS15-008. To learn more about this security bulletin:

Home users:
https://www.microsoft.com/security/pc-security/updates.aspx
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
https://update.microsoft.com/microsoftupdate/
IT professionals:
https://technet.microsoft.com/library/security/MS15-008

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security support and troubleshooting

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International support

Important

All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.
If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

↑ Back to the top

More Information

Systems that are running Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 are affected only if the Desktop Experience feature is installed. These systems will not be offered the update if the Desktop Experience feature is not installed.

Security update deployment information

Windows Server 2003 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2003: WindowsServer2003-KB3019215-x86-ENU.exe
	For all supported x64-based editions of Windows Server 2003: WindowsServer2003-KB3019215-x64-ENU.exe
	For all supported Itanium-based editions of Windows Server 2003: WindowsServer2003-KB3019215-ia64-ENU.exe
Installation switches	See Microsoft Knowledge Base Article 934307
Update Log File	KB3019215.log
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	Use Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB3019215$\Spuninst folder
File information	See the file information section.
Registry key verification	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3019215\Filelist

Windows Vista (all editions)

Reference table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Vista: Windows6.0-KB3019215-x86.msu
	For all supported x64-based editions of Windows Vista: Windows6.0-KB3019215-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2008: Windows6.0-KB3019215-x86.msu
	For all supported x64-based editions of Windows Server 2008: Windows6.0-KB3019215-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 7: Windows6.1-KB3019215-x86.msu
	For all supported x64-based editions of Windows 7: Windows6.1-KB3019215-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For all supported x64-based editions of Windows Server 2008 R2: Windows6.1-KB3019215-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 8: Windows8-RT-KB3019215-x86.msu
	For all supported x64-based editions of Windows 8: Windows8-RT-KB3019215-x64.msu
	For all supported 32-bit editions of Windows 8.1: Windows8.1-KB3019215-x86.msu
	For all supported x64-based editions of Windows 8.1: Windows8.1-KB3019215-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For all supported editions of Windows Server 2012: Windows8-RT-KB3019215-x64.msu
	For all supported editions of Windows Server 2012 R2: Windows8.1-KB3019215-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference table

The following table contains the security update information for this software.

Deployment	These updates are available via Windows Update only.
Restart Requirement	Yes, you must restart your system after you apply this security update.
Removal Information	Click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File Information	See the file information section.

↑ Back to the top

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information

The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Mrxdav.sys	5.2.3790.5508	188,928	19-Dec-2014	00:49	x86	SP2	SP2QFE

For all supported x86-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Mrxdav.sys	5.2.3790.5508	273,920	30-Dec-2014	03:48	x64	SP2	SP2QFE

For all supported IA-64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Mrxdav.sys	5.2.3790.5508	553,472	30-Dec-2014	03:48	IA-64	SP2	SP2QFE

Windows Vista and Windows Server 2008 file information

The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.0.6002.19xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 GDR
6.0.6002.23xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Mrxdav.sys	6.0.6002.19273	115,200	19-Dec-2014	00:25	x86
Mrxdav.sys	6.0.6002.23581	115,200	19-Dec-2014	00:13	x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Mrxdav.sys	6.0.6002.19273	139,776	19-Dec-2014	00:26	x64
Mrxdav.sys	6.0.6002.23581	139,776	19-Dec-2014	00:36	x64
Mrxdav.sys	6.0.6002.19273	115,200	19-Dec-2014	00:25	x86
Mrxdav.sys	6.0.6002.23581	115,200	19-Dec-2014	00:13	x86

Windows 7 and Windows Server 2008 R2 file information

The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.1.7601.18xxx Windows 7 and Windows Server 2008 R2 SP1 GDR
6.1.7601.22xxx Windows 7 and Windows Server 2008 R2 SP1 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File name	File version	File size	Date	Time	Platform
Davclnt.dll	6.1.7601.22913	87,552	19-Dec-2014	03:03	x86
Mrxdav.sys	6.1.7601.18706	116,224	19-Dec-2014	01:34	x86
Mrxdav.sys	6.1.7601.22913	116,736	19-Dec-2014	01:40	x86
Webclnt.dll	6.1.7601.22913	210,432	19-Dec-2014	03:03	x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Davclnt.dll	6.1.7601.22913	109,056	19-Dec-2014	03:30	x64
Mrxdav.sys	6.1.7601.18706	141,312	19-Dec-2014	01:46	x64
Mrxdav.sys	6.1.7601.22913	142,336	19-Dec-2014	01:53	x64
Webclnt.dll	6.1.7601.22913	265,216	19-Dec-2014	03:30	x64
Mrxdav.sys	6.1.7601.18706	116,224	19-Dec-2014	01:34	x86
Mrxdav.sys	6.1.7601.22913	116,736	19-Dec-2014	01:40	x86
Davclnt.dll	6.1.7601.22913	87,552	19-Dec-2014	03:03	x86
Webclnt.dll	6.1.7601.22913	210,432	19-Dec-2014	03:03	x86

Windows 8 and Windows Server 2012 file information

The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.2.920 0.17 xxx Windows 8 and Windows Server 2012 RTM GDR
6.2.920 0.21 xxx Windows 8 and Windows Server 2012 RTM LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File name	File version	File size	Date	Time	Platform
Mrxdav.sys	6.2.9200.17219	122,880	19-Dec-2014	04:04	x86
Mrxdav.sys	6.2.9200.21317	122,880	08-Dec-2014	03:34	x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File name	File version	File size	Date	Time	Platform
Mrxdav.sys	6.2.9200.17219	142,336	19-Dec-2014	04:35	x64
Mrxdav.sys	6.2.9200.21317	142,336	08-Dec-2014	04:37	x64

Windows 8.1 and Windows Server 2012 R2 file information

For all supported x86-based versions of Windows 8.1

File name	File version	File size	Date	Time	Platform
Mrxdav.sys	6.3.9600.17560	124,928	19-Dec-2014	05:46	x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File name	File version	File size	Date	Time	Platform
Mrxdav.sys	6.3.9600.17560	140,800	19-Dec-2014	06:26	x64

File hash information

File name	SHA1 hash	SHA256 hash
Windows6.0-KB3019215-x86.msu	1C6F42295332557A705A1E52428595E785F6AE66	FD3501488DE22F1A1557C685EC229AF1012CB2E2B6CBB786249D43DF0C983F42
Windows6.1-KB3019215-x86.msu	33A2D54F2306208AAE5E43605B63D6DB7E8AE47F	91F071870836F079D907CE7B37C67AA33E42726FA41C13D5DB656A4C1D7C1A4D
Windows8.1-KB3019215-x86.msu	353F5EC99AD7FEDC7281943E4B971FF2F9A6E8E9	1DB98FE77B30E811884194B80DED6022D44871870447BB3192EB422840EED169
Windows8-RT-KB3019215-x86.msu	B6A4D3AC522C3AEED56311482D143E4E5E09C08C	03E3A17D00472E88B1B70335596E8C1A273E8DF97F3308879ACE4CBCDCF5E988
WindowsServer2003-KB3019215-ia64-DEU.exe	F98F89A0A9D4126252773E721789BC4B62694A84	863CF10525F2442A52B0D2C7782264A9DBC507371D8E456D110A08F17D4F37E4
WindowsServer2003-KB3019215-ia64-ENU.exe	B0DD59E7B38A757323D3A598BD11E20BFDA1F092	CF92B3EC9C7FD512FD1E0670C21A1406040D44BEA61C633C7601AD0812E777EE
WindowsServer2003-KB3019215-ia64-FRA.exe	8E54864615D9DECC726FA49BED79B619AF5E0B1B	CD1F88199439C5360529FA6A1E32FFCF1E848AB0DFFAC29AD87915E70998A2C8
WindowsServer2003-KB3019215-ia64-JPN.exe	DDD6EB3B2DBE7F9508167FE979175D5EDEBA6D0C	C65E19EC4260FFE12DCBC9648B53497D6634EA078A4122B417CA28D962BA36B4
WindowsServer2003-KB3019215-x86-CHS.exe	6CC0148AB9A01B55DC49C12036F596000CE277FE	DAA78D69EF3378AF7B767BCD34DD486645457A8E22EEF3F8D4CD19E7D382042B
WindowsServer2003-KB3019215-x86-CHT.exe	0A19C9E14819D9766ECA4720AFAEA2EF51F29F75	762B57846FAE33AF1CA8BE7984D8B6166996FDFAA05B3BE40E46324ECE94CC21
WindowsServer2003-KB3019215-x86-CSY.exe	D7DAFEAF2F7CCFA28B8B62ADB142EAD13753AC9C	F98CC902532807BACE7D9C9969F36F766DB63D402AE5C1438726EC73A5009EEB
WindowsServer2003-KB3019215-x86-DEU.exe	B489E432A54363F66B497B2489FC617B2B67A266	85C18B91D32B31385A9B68127117A66D16A926E73DD2FD6AF94932AE449C46A3
WindowsServer2003-KB3019215-x86-ENU.exe	1CD0C43D53EEB8B46F216263119F50B22E5CC7D3	ED1ABAB2404BF8B5D67E62A85098E4C5DE6AC34979EF7E7E476AA8ED8E979604
WindowsServer2003-KB3019215-x86-ESN.exe	373395CDC73BBC3C5FEF96E0628C56B0D8087969	C0F22984622089BD36ACA2BB91CE02D9F95B58D34CEC7942E0E1434943CB492C
WindowsServer2003-KB3019215-x86-FRA.exe	229AB21BBDF968D45F734A1A4E6E48431F0DA9F5	AC2DFF63F9769BE101A850ED37A1A8AA1FDAC7BB5480EB7F7E9DF12EFB000A7C
WindowsServer2003-KB3019215-x86-HUN.exe	8DA9BF9B25036CE8F6BD5F4A1EA6140D6903AB9F	E3DF8A90B62126AE0A1D6D1EC97CF269414329C143126C19F983F6BE46A4D041
WindowsServer2003-KB3019215-x86-ITA.exe	49C755BE8FCB23558DE8071D6C58842D7301544F	145FF5884C73FE6EDC05D0AA5AA2877092517115C1D6273220B8FC03F43AC2F9
WindowsServer2003-KB3019215-x86-JPN.exe	0766863EFDD96BF552027AA33F210720DFD1E502	10E2593E65F608B0CDD36185459D8DC81098DCC25F5878DEAF98195E3B03EA91
WindowsServer2003-KB3019215-x86-KOR.exe	345CE1D905E9331EEB2DC4E20E77E5D9EE190FD8	F7A79E903BD356698C363F8BE0018318ED2AA1887593918C25471092A9FC826E
WindowsServer2003-KB3019215-x86-NLD.exe	BDF21D4812CE8C2E5405480E5DE289D914979E9B	F27BC655A8A3B9E3ABCEA3999BFE4A696A0E0B7B38261D786777F7E7EA155197
WindowsServer2003-KB3019215-x86-PLK.exe	542231FC2F361FC87B52548CB396C0AB240D64B4	E38BC0C29B93496944BEC60BC8A9D22AE80C174F53DB56F42760D1F5D0B5D165
WindowsServer2003-KB3019215-x86-PTB.exe	48801A36736F3591B16D8A60CC2E17A0EF852346	DB418E19075BF2486C001F89A282A9871A9F273C6C8822B9757B3503EC7F26EF
WindowsServer2003-KB3019215-x86-PTG.exe	61761BC4097C980C7D486B8A466382C7FC4A28A6	CB8E02D8DF526227478C5E9BE4F5E40A0308FAB67BACA18A24FEA92AE3B41CAC
WindowsServer2003-KB3019215-x86-RUS.exe	A504945F7EAE2679E0200430D29D5ACCD89581A6	AF1AE10087C21CCB0B0B4844C37D96C0309EE422CA103AB9AAC25265AADCAB9B
WindowsServer2003-KB3019215-x86-SVE.exe	8D5C8B95496AFA35866326741A55308AC6A528AF	859905201E9FC08C0781D2F5CDB1044D342DE15F0A385B90EEF8BE444FA558B9
WindowsServer2003-KB3019215-x86-TRK.exe	45C1AD15E15EC6DCD8B5D0B6EAAA6BB67908A02F	21AD8E3AEDEEE70D6A3FD5246F06394E15F0154ABA0CE1F962460AEA2923FABF

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info

Article ID	:	3019215
Revision	:	3
Created on	:	8/9/2017
Published on	:	8/9/2017
Exists online	:	False
Views	:	276