Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-002: Vulnerability in the Windows Telnet service could cause remote code execution: January 13, 2015


View products that this article applies to.

Summary

This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to an affected Windows-based server. Only customers who enable this service are vulnerable. By default, Telnet is installed but not enabled on Windows Server 2003. By default, Telnet is not installed on Windows Vista and later operating systems.

↑ Back to the top


Introduction

Microsoft has released security bulletin MS15-002. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top


More Information

Security update deployment information

Windows Server 2003 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Server 2003:
WindowsServer2003-KB3020393-x86-ENU.exe
For all supported x64-based editions of Windows Server 2003:
WindowsServer2003-KB3020393-x64-ENU.exe
For all supported Itanium-based editions of Windows Server 2003:
WindowsServer2003-KB3020393-ia64-ENU.exe
Installation switchesSee Microsoft Knowledge Base Article 934307
Update Log FileKB3020393.log
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal informationUse Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB3020393$\Spuninst folder
File informationSee the file information section.
Registry key verificationHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3020393\Filelist

Windows Vista (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Vista:
Windows6.0-KB3020393-x86.msu
For all supported x64-based editions of Windows Vista:
Windows6.0-KB3020393-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal informationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Server 2008:
Windows6.0-KB3020393-x86.msu
For all supported x64-based editions of Windows Server 2008:
Windows6.0-KB3020393-x64.msu
For all supported Itanium-based editions of Windows Server 2008:
Windows6.0-KB3020393-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal informationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 7:
Windows6.1-KB3020393-x86.msu
For all supported x64-based editions of Windows 7:
Windows6.1-KB3020393-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported x64-based editions of Windows Server 2008 R2:
Windows6.1-KB3020393-x64.msu
For all supported Itanium-based editions of Windows Server 2008 R2:
Windows6.1-KB3020393-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 8:
Windows8-RT-KB3020393-x86.msu
For all supported x64-based editions of Windows 8:
Windows8-RT-KB3020393-x64.msu
For all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3020393-x86.msu
For all supported x64-based editions of Windows 8.1:
Windows8.1-KB3020393-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported editions of Windows Server 2012:
Windows8-RT-KB3020393-x64.msu
For all supported editions of Windows Server 2012 R2:
Windows8.1-KB3020393-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementThis update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
DeploymentThese updates are available through Windows Update only.
Restart RequirementYes, you must restart your system after you apply this security update.
Removal InformationClick Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File InformationSee the file information section.

↑ Back to the top


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information
  • The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
  • In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Tlntsess.exe5.2.3790.5491129,53606-Dec-201403:32x64SP2SP2QFE

For all supported x86-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Tlntsess.exe5.2.3790.549183,96806-Dec-201401:58x86SP2SP2QFE

For all supported IA-64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Tlntsess.exe5.2.3790.5491222,72006-Dec-201403:32IA-64SP2SP2QFE

Windows Vista and Windows Server 2008 file information
  • The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.0.6002.18xxxWindows Vista SP2 and Windows Server 2008 SP2SP2GDR
    6.0.6002.23xxxWindows Vista SP2 and Windows Server 2008 SP2SP2LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.0.6002.1925088,57606-Dec-201401:39x86
Tlntsess.exe6.0.6002.2355788,57606-Dec-201401:39x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.0.6002.19250103,93606-Dec-201401:55x64
Tlntsess.exe6.0.6002.23557103,93606-Dec-201401:59x64

For all supported IA-64-based versions of Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.0.6002.19250208,89606-Dec-201401:52IA-64
Tlntsess.exe6.0.6002.23557208,89606-Dec-201401:46IA-64

Windows 7 and Windows Server 2008 R2 file information
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7 and Windows Server 2008 R2SP1GDR
    6.1.7601.22xxxWindows 7 and Windows Server 2008 R2SP1LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.1.7601.1868589,60006-Dec-201403:49x86
Tlntsess.exe6.1.7601.2289389,60006-Dec-201404:17x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.1.7601.18685105,47206-Dec-201404:17x64
Tlntsess.exe6.1.7601.22893105,47206-Dec-201404:31x64

For all supported IA-64-based versions of Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.1.7601.18685211,96806-Dec-201403:30IA-64
Tlntsess.exe6.1.7601.22893211,96806-Dec-201403:18IA-64

Windows 8 and Windows Server 2012 file information
  • The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.2.920 0.16 xxxWindows 8 and Windows Server 2012RTMGDR
    6.2.920 0.20 xxxWindows 8 and Windows Server 2012RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.2.9200.1719888,06404-Dec-201423:51x86
Tlntsess.exe6.2.9200.2131588,06405-Dec-201400:49x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.2.9200.17198101,37605-Dec-201401:43x64
Tlntsess.exe6.2.9200.21315101,37604-Dec-201419:05x64

Windows 8.1 and Windows Server 2012 R2 file information

For all supported x86-based versions of Windows 8.1

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.3.9600.1754789,60003-Dec-201402:00x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File nameFile versionFile sizeDateTimePlatform
Tlntsess.exe6.3.9600.17547102,91202-Dec-201423:22x64

File hash information
File nameSHA1 hashSHA256 hash
Windows6.0-KB3020393-ia64.msu0128D362F709C09A75F989EFFCF996C6EDF375D7DB4FC53EF71ED330A5D8BD01560681E4CAC14B9107F1723F4D0B3191822C583B
Windows6.0-KB3020393-x86.msuF65B63B8AF2F1504140C67AE6165C28947805895EB87EB80F0D3A3FB03663F0A2FFFCF27D08136EFDA09748997758D87893095A4
Windows6.1-KB3020393-ia64.msuDA576594329DBF3C704EE443898B2128FB85C06608C4BA42EF52A3F3D149E644BC9B5B50CF9E6EE917878D37400168ED87240A71
Windows6.1-KB3020393-x86.msu35D02BDF66B857877A64E797EACFA13F301AC0EFFC6A53B8032CF2B98F5206611905F3F3467A4917115F07E79D8975E4971141BB
Windows8.1-KB3020393-x86.msu940C4809DD3A2F3D89B4E2B41324691DF1FA784A603EF89CEE25AF430FC9125DA5E11E41D47794BE88651BDA64CF3B0BDD40B9CB
Windows8-RT-KB3020393-x86.msuBAAD95933BF6913FE3EC62237CB81D5C0935F926DE950316B14B6B25C2E06E12A8E2A78DFA0B9F6009C5444B79F456A93DF0531B
WindowsServer2003-KB3020393-ia64-DEU.exe0094CC1F640C9C50C2CBEB84211B4E18E91B39A60CA35569BF598204D6D0C6ECA0FFBFC23CE6098AC0D4E59937E9E0DA494BF84A
WindowsServer2003-KB3020393-ia64-ENU.exe411005E1B87AA5E010C810ABE75B20A49B50328EBD3B7344124891369F831AF22C66F65935DDA499CEBC5D5DCE6B4CC3ADC2EAF2
WindowsServer2003-KB3020393-ia64-FRA.exe9448886963E9D81E793CFFD1435E7BEBEDC2832402CA461BD2455AEA1409298A215B1A4CB5E8BB1D15CD9CADF2EC8E4FE4ABC94F
WindowsServer2003-KB3020393-ia64-JPN.exeDA374057F12B074C56182489600BB12111E4638916ACDAE4DDAFB1AF428EE2C6DA283862388C2602EF7EE568E99FD55A2F5C2717
WindowsServer2003-KB3020393-x86-CHS.exe34FF71850243508823DB528FA7D83FEDC05974F3BF06B469DC2DE52B2180FED1CD813EC622B8C8010EAF0A67729427B6F8187F4F
WindowsServer2003-KB3020393-x86-CHT.exeB784270542FA33E9DEDD64B8DE04DED6E8CFECF849B1A6D3DCBB5B415971A56F085BF06BE61C0AE1ED0FD70762961E2B8EDB348E
WindowsServer2003-KB3020393-x86-CSY.exeB315C84B244E405D1C646B19D027B44B97F9C40FCBF49997521FB593457D6B0CFA0101336EF909A3E6D29BE51CE3FBF03879AD60
WindowsServer2003-KB3020393-x86-DEU.exeC4E8632A94507CE8DC6D3456818648AC2CD7B5ABE3D335AFA806E8406F81636458B989B9704F3920A9304F40A7D94AD0E8027DC7
WindowsServer2003-KB3020393-x86-ENU.exe14A4A4EEF6B3783C6672CED37ADCD2EBEE65C13E32668D0A617A825C7DD5A49F71934E48ECF57EFDC5270BEC0EACE480CF1BAE6D
WindowsServer2003-KB3020393-x86-ESN.exe04D7DB498A7D12E3A3D9E5531FDD5CE4FAF0DCAE4FC771D16C5C2382475F7880A85DF02882D33526DB8AE46B840ECE49AFD001CA
WindowsServer2003-KB3020393-x86-FRA.exeED40A450A1FC5EEBECEF231E8F72A0D650983582B4C572C1315952713A240638B2D5F3D9AB62FFF690D0DD3E3D94BD4C2FA17A7C
WindowsServer2003-KB3020393-x86-HUN.exe358240BD5D039DADE57FAE49D6EC73E5A28341322B5F0E9AF48D25E2F206113807C025BC3CC21B420D5FB9FAF24BA8328459BD07
WindowsServer2003-KB3020393-x86-ITA.exe4838E4766077AD8CB0315116B51A9A01F0D46A5C0B334AED0BF0676BDA6176032E5144AAEE193665B85CE33B2ACD4B66B93208D4
WindowsServer2003-KB3020393-x86-JPN.exe78AAB5E0B7E72F742F7CCA989A2DA6A74587750E866B0B5EE4D3F92A98BED620522533040181FBFBF1424793DE884B9885A8BE24
WindowsServer2003-KB3020393-x86-KOR.exe3199E7943B907C063C7A24D4B94286E0A99F5C853C597D814FADEB79B77E1C73ADFC0B8BC2F537F82106C22769AFD839CBF3837C
WindowsServer2003-KB3020393-x86-NLD.exeED45B95640BBCE1D6432561E89A47CF963B4089DE63E1419E061A159FA99C1468ACFE37AE27F13DB56FE4AE3A999A5291133FE1E
WindowsServer2003-KB3020393-x86-PLK.exe1CC76B31323DC64D529BB6C45C2D82E408288E3B6EC3F5DE77F489AF19DFBF0A362B5E483584BFC02FB907276CB4BFFEE4215578
WindowsServer2003-KB3020393-x86-PTB.exe1EFB33636BE401C8283E5D9616E87A156646DC828BBCD3CAE006D8B50349E353BE8527E2B229A02883ABABE7B747FA2D9AE9BCFA
WindowsServer2003-KB3020393-x86-PTG.exeE5E28F1FF3CF56F5D7FFB8A3BC418A194F4AEEF54F2FA3EE5D4B7944AAE0AF36D5647059F9AC428F6C29807D03E236DF2A619D5B
WindowsServer2003-KB3020393-x86-RUS.exe38062AC11ADDC53C7EE748C5AC460BACAA78782DB36CBA0A814E8CE8E132F54BD14FA39A7824973DC57AF89312233CFF79248A03
WindowsServer2003-KB3020393-x86-SVE.exeFEDFB2B3E7AF90A0DE9528C8DDF111373B643FF45C64106A3B3B591BF409F42B1A1F3F26515F3A170BE2E752AFBDD5FA2341456B
WindowsServer2003-KB3020393-x86-TRK.exe040781CA0B7A226704DC1EAB0C3A81962B72869736A98F9A01F3D86D8574FBAD3606B4881D492AA6CA081077044DFDFE6E8A5940

↑ Back to the top


Applies to:

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info
Article ID : 3020393
Revision : 1
Created on : 1/7/2017
Published on : 1/13/2015
Exists online : False
Views : 427