Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-002: Vulnerability in the Windows Telnet service could cause remote code execution: January 13, 2015

View products that this article applies to.

Summary

This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to an affected Windows-based server. Only customers who enable this service are vulnerable. By default, Telnet is installed but not enabled on Windows Server 2003. By default, Telnet is not installed on Windows Vista and later operating systems.

↑ Back to the top

Introduction

Microsoft has released security bulletin MS15-002. To learn more about this security bulletin:

Home users:
https://www.microsoft.com/security/pc-security/updates.aspx
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
https://update.microsoft.com/microsoftupdate/
IT professionals:
https://technet.microsoft.com/library/security/MS15-002

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top

More Information

Security update deployment information

Windows Server 2003 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2003: WindowsServer2003-KB3020393-x86-ENU.exe
	For all supported x64-based editions of Windows Server 2003: WindowsServer2003-KB3020393-x64-ENU.exe
	For all supported Itanium-based editions of Windows Server 2003: WindowsServer2003-KB3020393-ia64-ENU.exe
Installation switches	See Microsoft Knowledge Base Article 934307
Update Log File	KB3020393.log
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	Use Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB3020393$\Spuninst folder
File information	See the file information section.
Registry key verification	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3020393\Filelist

Windows Vista (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Vista: Windows6.0-KB3020393-x86.msu
	For all supported x64-based editions of Windows Vista: Windows6.0-KB3020393-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2008: Windows6.0-KB3020393-x86.msu
	For all supported x64-based editions of Windows Server 2008: Windows6.0-KB3020393-x64.msu
	For all supported Itanium-based editions of Windows Server 2008: Windows6.0-KB3020393-ia64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 7: Windows6.1-KB3020393-x86.msu
	For all supported x64-based editions of Windows 7: Windows6.1-KB3020393-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported x64-based editions of Windows Server 2008 R2: Windows6.1-KB3020393-x64.msu
	For all supported Itanium-based editions of Windows Server 2008 R2: Windows6.1-KB3020393-ia64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 8: Windows8-RT-KB3020393-x86.msu
	For all supported x64-based editions of Windows 8: Windows8-RT-KB3020393-x64.msu
	For all supported 32-bit editions of Windows 8.1: Windows8.1-KB3020393-x86.msu
	For all supported x64-based editions of Windows 8.1: Windows8.1-KB3020393-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported editions of Windows Server 2012: Windows8-RT-KB3020393-x64.msu
	For all supported editions of Windows Server 2012 R2: Windows8.1-KB3020393-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.

Deployment	These updates are available through Windows Update only.
Restart Requirement	Yes, you must restart your system after you apply this security update.
Removal Information	Click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File Information	See the file information section.

↑ Back to the top

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information

The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Tlntsess.exe	5.2.3790.5491	129,536	06-Dec-2014	03:32	x64	SP2	SP2QFE

For all supported x86-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Tlntsess.exe	5.2.3790.5491	83,968	06-Dec-2014	01:58	x86	SP2	SP2QFE

For all supported IA-64-based versions of Windows Server 2003

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Tlntsess.exe	5.2.3790.5491	222,720	06-Dec-2014	03:32	IA-64	SP2	SP2QFE

Windows Vista and Windows Server 2008 file information

The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.0.6002.18xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 GDR
6.0.6002.23xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.0.6002.19250	88,576	06-Dec-2014	01:39	x86
Tlntsess.exe	6.0.6002.23557	88,576	06-Dec-2014	01:39	x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.0.6002.19250	103,936	06-Dec-2014	01:55	x64
Tlntsess.exe	6.0.6002.23557	103,936	06-Dec-2014	01:59	x64

For all supported IA-64-based versions of Windows Server 2008

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.0.6002.19250	208,896	06-Dec-2014	01:52	IA-64
Tlntsess.exe	6.0.6002.23557	208,896	06-Dec-2014	01:46	IA-64

Windows 7 and Windows Server 2008 R2 file information

The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.1.7601.18xxx Windows 7 and Windows Server 2008 R2 SP1 GDR
6.1.7601.22xxx Windows 7 and Windows Server 2008 R2 SP1 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.1.7601.18685	89,600	06-Dec-2014	03:49	x86
Tlntsess.exe	6.1.7601.22893	89,600	06-Dec-2014	04:17	x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.1.7601.18685	105,472	06-Dec-2014	04:17	x64
Tlntsess.exe	6.1.7601.22893	105,472	06-Dec-2014	04:31	x64

For all supported IA-64-based versions of Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.1.7601.18685	211,968	06-Dec-2014	03:30	IA-64
Tlntsess.exe	6.1.7601.22893	211,968	06-Dec-2014	03:18	IA-64

Windows 8 and Windows Server 2012 file information

The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.2.920 0.16 xxx Windows 8 and Windows Server 2012 RTM GDR
6.2.920 0.20 xxx Windows 8 and Windows Server 2012 RTM LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.2.9200.17198	88,064	04-Dec-2014	23:51	x86
Tlntsess.exe	6.2.9200.21315	88,064	05-Dec-2014	00:49	x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.2.9200.17198	101,376	05-Dec-2014	01:43	x64
Tlntsess.exe	6.2.9200.21315	101,376	04-Dec-2014	19:05	x64

Windows 8.1 and Windows Server 2012 R2 file information

For all supported x86-based versions of Windows 8.1

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.3.9600.17547	89,600	03-Dec-2014	02:00	x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File name	File version	File size	Date	Time	Platform
Tlntsess.exe	6.3.9600.17547	102,912	02-Dec-2014	23:22	x64

File hash information

File name	SHA1 hash	SHA256 hash
Windows6.0-KB3020393-ia64.msu	0128D362F709C09A75F989EFFCF996C6EDF375D7	DB4FC53EF71ED330A5D8BD01560681E4CAC14B9107F1723F4D0B3191822C583B
Windows6.0-KB3020393-x86.msu	F65B63B8AF2F1504140C67AE6165C28947805895	EB87EB80F0D3A3FB03663F0A2FFFCF27D08136EFDA09748997758D87893095A4
Windows6.1-KB3020393-ia64.msu	DA576594329DBF3C704EE443898B2128FB85C066	08C4BA42EF52A3F3D149E644BC9B5B50CF9E6EE917878D37400168ED87240A71
Windows6.1-KB3020393-x86.msu	35D02BDF66B857877A64E797EACFA13F301AC0EF	FC6A53B8032CF2B98F5206611905F3F3467A4917115F07E79D8975E4971141BB
Windows8.1-KB3020393-x86.msu	940C4809DD3A2F3D89B4E2B41324691DF1FA784A	603EF89CEE25AF430FC9125DA5E11E41D47794BE88651BDA64CF3B0BDD40B9CB
Windows8-RT-KB3020393-x86.msu	BAAD95933BF6913FE3EC62237CB81D5C0935F926	DE950316B14B6B25C2E06E12A8E2A78DFA0B9F6009C5444B79F456A93DF0531B
WindowsServer2003-KB3020393-ia64-DEU.exe	0094CC1F640C9C50C2CBEB84211B4E18E91B39A6	0CA35569BF598204D6D0C6ECA0FFBFC23CE6098AC0D4E59937E9E0DA494BF84A
WindowsServer2003-KB3020393-ia64-ENU.exe	411005E1B87AA5E010C810ABE75B20A49B50328E	BD3B7344124891369F831AF22C66F65935DDA499CEBC5D5DCE6B4CC3ADC2EAF2
WindowsServer2003-KB3020393-ia64-FRA.exe	9448886963E9D81E793CFFD1435E7BEBEDC28324	02CA461BD2455AEA1409298A215B1A4CB5E8BB1D15CD9CADF2EC8E4FE4ABC94F
WindowsServer2003-KB3020393-ia64-JPN.exe	DA374057F12B074C56182489600BB12111E46389	16ACDAE4DDAFB1AF428EE2C6DA283862388C2602EF7EE568E99FD55A2F5C2717
WindowsServer2003-KB3020393-x86-CHS.exe	34FF71850243508823DB528FA7D83FEDC05974F3	BF06B469DC2DE52B2180FED1CD813EC622B8C8010EAF0A67729427B6F8187F4F
WindowsServer2003-KB3020393-x86-CHT.exe	B784270542FA33E9DEDD64B8DE04DED6E8CFECF8	49B1A6D3DCBB5B415971A56F085BF06BE61C0AE1ED0FD70762961E2B8EDB348E
WindowsServer2003-KB3020393-x86-CSY.exe	B315C84B244E405D1C646B19D027B44B97F9C40F	CBF49997521FB593457D6B0CFA0101336EF909A3E6D29BE51CE3FBF03879AD60
WindowsServer2003-KB3020393-x86-DEU.exe	C4E8632A94507CE8DC6D3456818648AC2CD7B5AB	E3D335AFA806E8406F81636458B989B9704F3920A9304F40A7D94AD0E8027DC7
WindowsServer2003-KB3020393-x86-ENU.exe	14A4A4EEF6B3783C6672CED37ADCD2EBEE65C13E	32668D0A617A825C7DD5A49F71934E48ECF57EFDC5270BEC0EACE480CF1BAE6D
WindowsServer2003-KB3020393-x86-ESN.exe	04D7DB498A7D12E3A3D9E5531FDD5CE4FAF0DCAE	4FC771D16C5C2382475F7880A85DF02882D33526DB8AE46B840ECE49AFD001CA
WindowsServer2003-KB3020393-x86-FRA.exe	ED40A450A1FC5EEBECEF231E8F72A0D650983582	B4C572C1315952713A240638B2D5F3D9AB62FFF690D0DD3E3D94BD4C2FA17A7C
WindowsServer2003-KB3020393-x86-HUN.exe	358240BD5D039DADE57FAE49D6EC73E5A2834132	2B5F0E9AF48D25E2F206113807C025BC3CC21B420D5FB9FAF24BA8328459BD07
WindowsServer2003-KB3020393-x86-ITA.exe	4838E4766077AD8CB0315116B51A9A01F0D46A5C	0B334AED0BF0676BDA6176032E5144AAEE193665B85CE33B2ACD4B66B93208D4
WindowsServer2003-KB3020393-x86-JPN.exe	78AAB5E0B7E72F742F7CCA989A2DA6A74587750E	866B0B5EE4D3F92A98BED620522533040181FBFBF1424793DE884B9885A8BE24
WindowsServer2003-KB3020393-x86-KOR.exe	3199E7943B907C063C7A24D4B94286E0A99F5C85	3C597D814FADEB79B77E1C73ADFC0B8BC2F537F82106C22769AFD839CBF3837C
WindowsServer2003-KB3020393-x86-NLD.exe	ED45B95640BBCE1D6432561E89A47CF963B4089D	E63E1419E061A159FA99C1468ACFE37AE27F13DB56FE4AE3A999A5291133FE1E
WindowsServer2003-KB3020393-x86-PLK.exe	1CC76B31323DC64D529BB6C45C2D82E408288E3B	6EC3F5DE77F489AF19DFBF0A362B5E483584BFC02FB907276CB4BFFEE4215578
WindowsServer2003-KB3020393-x86-PTB.exe	1EFB33636BE401C8283E5D9616E87A156646DC82	8BBCD3CAE006D8B50349E353BE8527E2B229A02883ABABE7B747FA2D9AE9BCFA
WindowsServer2003-KB3020393-x86-PTG.exe	E5E28F1FF3CF56F5D7FFB8A3BC418A194F4AEEF5	4F2FA3EE5D4B7944AAE0AF36D5647059F9AC428F6C29807D03E236DF2A619D5B
WindowsServer2003-KB3020393-x86-RUS.exe	38062AC11ADDC53C7EE748C5AC460BACAA78782D	B36CBA0A814E8CE8E132F54BD14FA39A7824973DC57AF89312233CFF79248A03
WindowsServer2003-KB3020393-x86-SVE.exe	FEDFB2B3E7AF90A0DE9528C8DDF111373B643FF4	5C64106A3B3B591BF409F42B1A1F3F26515F3A170BE2E752AFBDD5FA2341456B
WindowsServer2003-KB3020393-x86-TRK.exe	040781CA0B7A226704DC1EAB0C3A81962B728697	36A98F9A01F3D86D8574FBAD3606B4881D492AA6CA081077044DFDFE6E8A5940

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info

Article ID	:	3020393
Revision	:	1
Created on	:	1/7/2017
Published on	:	1/13/2015
Exists online	:	False
Views	:	400