Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-038: Vulnerabilities in Windows could allow elevation of privilege: April 14, 2015


View products that this article applies to.

Summary

This security update resolves vulnerabilities in Windows. These vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. To exploit these vulnerabilities, an attacker would first have to log on to the system. The security update addresses the vulnerabilities by correcting how Windows validates impersonation events. For more information about the vulnerabilities, see the "More Information" section.

↑ Back to the top


Introduction

Microsoft has released security bulletin MS15-038. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top


More Information

Known issues and more information about this security update

The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.
  • 3045685 MS15-038: Description of the security update for Windows April 14, 2015
  • 3045999 MS15-038: Description of the security update for Windows April 14, 2015
Security update deployment information

Windows Server 2003 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Server 2003:
WindowsServer2003-KB3045685-x86-ENU.exe
WindowsServer2003-KB3045999-x86-ENU.exe

For all supported x64-based editions of Windows Server 2003:
WindowsServer2003-KB3045685-x64-ENU.exe
WindowsServer2003-KB3045999-x64-ENU.exe

For all supported Itanium-based editions of Windows Server 2003:
WindowsServer2003-KB3045685-ia64-ENU.exe
WindowsServer2003-KB3045999-ia64-ENU.exe
Installation switchesSee Microsoft Knowledge Base Article 934307
Update Log FileKB3045685.log
KB3045999.log
Restart requirementYou must restart your system after you apply this security update.
Removal informationUse the Add or Remove Programs item in Control Panel or the Spuninst.exe utility that is located in the %Windir%\$NTUninstallKB3045685$\Spuninst folder.

Use the Add or Remove Programs item in Control Panel or the Spuninst.exe that is utility located in the %Windir%\$NTUninstallKB3045999$\Spuninst folder
File informationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999
Registry key verificationHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3045685\Filelist

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3045999\Filelist

Windows Vista (all editions)

Reference table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Vista:
Windows6.0-KB3045685-x86.msu
Windows6.0-KB3045999-x86.msu

For all supported x64-based editions of Windows Vista:
Windows6.0-KB3045685-x64.msu
Windows6.0-KB3045999-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYou must restart your system after you apply this security update.
Removal informationWUSA.exe does not support the removal of updates. To uninstall an update that was installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Server 2008:
Windows6.0-KB3045685-x86.msu
Windows6.0-KB3045999-x86.msu

For all supported x64-based editions of Windows Server 2008:
Windows6.0-KB3045685-x64.msu
Windows6.0-KB3045999-x64.msu

For all supported Itanium-based editions of Windows Server 2008:
Windows6.0-KB3045685-ia64.msu
Windows6.0-KB3045999-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYou must restart your system after you apply this security update.
Removal informationWUSA.exe does not support the removal of updates. To uninstall an update that was installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 7:
Windows6.1-KB3045685-x86.msu
Windows6.1-KB3045999-x86.msu

For all supported x64-based editions of Windows 7:
Windows6.1-KB3045685-x64.msu
Windows6.1-KB3045999-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYou must restart your system after you apply this security update.
Removal informationTo uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file nameFor all supported x64-based editions of Windows Server 2008 R2:
Windows6.1-KB3045685-x64.msu
Windows6.1-KB3045999-x64.msu

For all supported Itanium-based editions of Windows Server 2008 R2:
Windows6.1-KB3045685-ia64.msu
Windows6.1-KB3045999-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYou must restart your system after you apply this security update.
Removal informationTo uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 8:
Windows8-RT-KB3045685-x86.msu
Windows8-RT-KB3045999-x86.msu

For all supported x64-based editions of Windows 8:
Windows8-RT-KB3045685-x64.msu
Windows8-RT-KB3045999-x64.msu

For all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3045685-x86.msu
Windows8.1-KB3045999-x86.msu

For all supported x64-based editions of Windows 8.1:
Windows8.1-KB3045685-x64.msu
Windows8.1-KB3045999-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file nameFor all supported editions of Windows Server 2012:
Windows8-RT-KB3045685-x64.msu
Windows8-RT-KB3045999-x64.msu

For all supported editions of Windows Server 2012 R2:
Windows8.1-KB3045685-x64.msu
Windows8.1-KB3045999-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYou must restart your system after you apply this security update.
Removal informationTo uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference table

The following table contains the security update information for this software.
DeploymentThese updates are available through Windows Update only.
Restart RequirementYes, you must restart your system after you apply this security update.
Removal InformationClick Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates, and select from the list of updates.
File InformationSee Microsoft Knowledge Base Article 3045685
See Microsoft Knowledge Base Article 3045999

↑ Back to the top


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.



File hash information
Package namePackage Hash SHA1Package Hash SHA2
Windows10.0-KB3045685-x64.msu931D749E60883C1C03348EDB6F0FF5BC9268FE3C6DE58473393C9037CB8DB713F6CCAFC583A30B3BBCFFDA39AD88C9135582EF3B
Windows10.0-KB3045685-x86.msuB5E163493C58A8DD73269C06E2D45DFF7A2E6F181C8C67DCA56FC8C3C854EE925789AE60FF7C81F49D9F1B89B95343FE80DB4E78
Windows6.0-KB3045685-ia64.msuF02C08B343D27261CB9B61C8A012A628C0C297C44DD8D35677AA14EB9E57C01465D22A82527490D470135224A23F5E33786E921C
Windows6.0-KB3045685-x64.msuE01B78A19253A159E75A7434A19CFBA053B9E6AC3F734FE8ED357AF897DF50A070997264C0E04BA8C9B8DD84175F56C82E179FE3
Windows6.0-KB3045685-x86.msu376651B0D6E1EB5816A09B1D45C3FCA0EC756DC29F889230936F6A29FA85D7FA645466C1D968F2B156F38CE057A6362411F6720B
Windows6.0-KB3045999-ia64.msu2331EE460DCC953BA9197212B4A56A4F0EFE0A96C102BCB765E6C13ADF66E11A4C397AEC5BBB837D68CAF6460AE0462A8196FC81
Windows6.0-KB3045999-x64.msu264BF4D2102BDBA0606E57A625C707BC380A3587C98D5003C2C3D5A26A0F5A6736810FF46B6ECE877EDD059CD7D6E423A43746B4
Windows6.0-KB3045999-x86.msuC08CC7A04839666CFA3D396229ACDDC4A2D46093880A3AAE87F6180B98E65B5A3E9BDA02FD5C8476A38010CB2CF1F784FDF8540D
Windows6.1-KB3045685-ia64.msu03FBA1677949593F188138928F26B8B80C55CAFF31E3488176AF504C854A22BE65E90D30A97C1B8C842BE864D36F5680DD397D42
Windows6.1-KB3045685-x64.msuC43565170F9830AAA10A790D0C13122A75E8172CE12963531A4CDA3C9DCF0E9CEEC5A5E3ABB1566DD9CD63F7E691713826E79EB7
Windows6.1-KB3045685-x86.msu4FD2C3120125222145ADFF12D4C3D5D4966C28B243382B381CD045EFD32AB07B4E6A0E3BE0993DCEEF054C1053B73A3482910538
Windows6.1-KB3045999-ia64.msuCDD6D9E7164E29A1CA81A3DD9146945A855EBA23806C15BE47FDFD96301B2422B64ADD7E44F70F578DE925DB47B5DD246EB0433C
Windows6.1-KB3045999-x64.msu18CCFC0E12B525D2897003C476875579D342D4D641975028C08C48EE1486D147098453A4C3D0B46FF9493B0070C09340596F64AE
Windows6.1-KB3045999-x86.msuC1B3FFE9729705276ABF7D369B81C734E62F5884F0A2A8C9D3444009E756230A5D4C5770874E6CB3122EBF08EAB1C2FA574F0A32
Windows8.1-KB3045685-x64.msuE34F6A8551808EEE89B2E4C58388D746CA1FB1EB3891D796B26765A94A9D2278403AE8E9B4881BB896658A9229CB39C196723B2E
Windows8.1-KB3045685-x86.msu626BC97F40FB3F4187966064FB85BE2D0A66075FB4105A72416CD4D2DA5A91F818FEB38806F28EDCCD00F0F45ABE60C7EE5AB742
Windows8.1-KB3045999-x64.msu24D58EC9A3369BF798CB8353D8D6055107966C06C11744C3A04CBA2F796E7190EF1F2CC0EAE5D22C048CDFCE5723974B72F30DFE
Windows8.1-KB3045999-x86.msuB8D8D4498F9265F505F6938ADA99DFCE0ACF0DDC26308C1F8C427499635215482D97384DC4387C288A88F3D16743D33672D08524
Windows8-RT-KB3045685-x64.msu6A4A1F930FE66FD4D9AB934A2FEDF65B22CE81E68CFEF95C6C74A89DDDF285C5DDA6FD063C051041DDFC16A7699540AEB64E3E72
Windows8-RT-KB3045685-x86.msu5303C0FB4B695CD5EDABE08B286BA1DDA00C445151348A27F63342CBB04F9B31A1D6095A0C234D85214D02A1D1DB63FD245C889C
Windows8-RT-KB3045999-x64.msuD504BFD4FD6C626B1C45ED6027C03259F85EF229B2488FDFB11A22C7B0D0E0E1B3B6B05700D418FEA667E280FCA1701897CD8674
Windows8-RT-KB3045999-x86.msu74F2E8C5F30EBEEF67662A5317220E54A1C4DCA579D90D046DB53ADC2E3EB1D2C244903B6E1492048558937A36C3B926A65FE88A
WindowsServer2003-KB3045685-x64-ENU.exe7035B6F96B9A86E2B746E535A777A9448DA9D691512791CF4C0231DDD0E54CFF9414DB4309F9C4E0B30D982A909ED3637D14BBCC
WindowsServer2003-KB3045685-x86-ENU.exe6F64EDE3FA282D20578538041248FA9A8EA4172A07277EBB4B072574CB07BD307773A98D801917D37C04084ABAFD57AE1A136E72
WindowsServer2003-KB3045999-ia64-DEU.exeD3F69C1DD8886A22973E0988483E6B18A278B2258AED9446F2864740D0058498842C420D6B6331D4F61189C570DCE4C5AF8B3D9A
WindowsServer2003-KB3045999-ia64-ENU.exeD8E0B667F6A3AE81E7E1F669093FB92A3A0F91343D0EFECD1E877DA02F1DA26507962B57C0B40CB7CE1FDA945FEE742FD03C2F00
WindowsServer2003-KB3045999-ia64-FRA.exeE30F03BE70533DF9D73C0328A18AA462F5B5FD7D3D69883885A280E3B50BEC4293EBE14847D9F5F4717112284DC4C917F0988B64
WindowsServer2003-KB3045999-ia64-JPN.exeEF705DF76752B4707449C4E5A1D7F04450DB5410F2DF8A01AA71DB82E2B29285A9988A80BCEF84CE8AC896E868153DD279DB1F8C
WindowsServer2003-KB3045999-x64-CHS.exe28C7E2816FE751725552998EC3AF3EB8AC6BE4C6E4C7D21FC311CBA1305731610346851E04C9E052E6CF81DA8F330A5EF060C6F7
WindowsServer2003-KB3045999-x64-CHT.exe33B194E8C474A98EF1607BF6ED5CA845F406937B8C473B4681213D75C1913F192EC93E123D7EEDE696A1A3D7EF109C80DEBEDEBC
WindowsServer2003-KB3045999-x64-DEU.exe0A90711D28EB6E1F3C8BAFF2C1BA826C29668E75C8A5983D9E6F0F616EAAA9D98BB242193549117D7A3620D08FB393C72020DACE
WindowsServer2003-KB3045999-x64-ENU.exe54E8C58006C37C5B968A7286F5DC4720B5D65C3719FD204DA6BE6281A8B8BE57836B11E43A9491A6B34829E8EE7B8C070D6E1194
WindowsServer2003-KB3045999-x64-ESN.exeAEF20645FB46F5552C6E025BB3B5DD8DDB80225D45914A1A77751DA461391440225F4B107B0B946278F4CAF7325E1468619EAB80
WindowsServer2003-KB3045999-x64-FRA.exe06071ACE70E3395E025DB3FBBF6B6F8ABBF15A88B96017E56F9E335F076B323181C1CFD98D315AD21E97B18B955392F62BFD88D9
WindowsServer2003-KB3045999-x64-ITA.exe2497972A041B0EB2E9B15F5115408F44E62C2263ABC9937702541DD0F34C45CB1998E679BD215B49FE49C9EE7C31B67F8EE290A7
WindowsServer2003-KB3045999-x64-JPN.exe4F29C518875799E93598811B8F5DDFF81EBA53D9DD18D54579960C1A20668D12E86451A5D4811F6EEA399273B27519CDBE34ED0B
WindowsServer2003-KB3045999-x64-KOR.exeAEF8810FBE86D2E34326C1D5B740DD4B73DCEB957D88FDF5C71F9DE7821C6C482D20FCFDD264D1A158BDDF64B86AEFCAC72CEB5D
WindowsServer2003-KB3045999-x64-PTB.exeB95FEC93A01CC601EC200706BDEA4146A6AF0539A02268BEAA6642E5CEDCDD7D450903FA4186CB10EF025A4A28ED006AF3D1BAEB
WindowsServer2003-KB3045999-x64-RUS.exe9932200211E87D03F4CC970A03A33F52E51A36C984A52E3B0E1A3E4C06F27F90D22B97A1D16C51DE7379B430708936C45F1FC51F
WindowsServer2003-KB3045999-x86-CHS.exeEE57245890B187F966AEA8AB04347375B03CB4CBBFCA7652C480C6C22E652CD0993B1AB8685583174375DF099A5FF600144CD7C0
WindowsServer2003-KB3045999-x86-CHT.exeEF8EC040CB21AA96E7897A877CB696FE5522DD7C70E2B50D9661D5BA92C4E6D72E4AD1756A7261B878EA3C341B2DF3BB52D5A99D
WindowsServer2003-KB3045999-x86-CSY.exe1A8E21F9B70EC1EAE857B8DACE3C486A19ACF63329C9BB14E8E84BEAF25D732FDBBF84C0497F62C39BBF408A1314448CA711D8DE
WindowsServer2003-KB3045999-x86-DEU.exe67B84D6C619A06260CC7B4E64A32BDC6D38F9024C75EAE0775D0389F6F1749FA7B7A47720CAF9A57623C2594273235073D67C008
WindowsServer2003-KB3045999-x86-ENU.exeC4D12A0867963ABD74CAC8E6C8F2F57CB8B019CC9CE2E0B9C531B9A76C06D44F5ECAABEA3A1C4FA52198BCD890F8E0ACF0CF1BEA
WindowsServer2003-KB3045999-x86-ESN.exe4222324038010C5792A11C21A7F6F10A0D3DDD0F09D6DE8F4E0896A438EB450EEBA3DB67991A5A5E18454B409EADB218ED1F064C
WindowsServer2003-KB3045999-x86-FRA.exe8596A6B2915CD76963118EB27F73D80BDFFA3C28F84577DDF4577191B1F8AB72B0B3077D84EF809CF79A101D8B12967D5AA0449C
WindowsServer2003-KB3045999-x86-HUN.exe325AF8F071E9A786D6F0AD7AC3580EC77307108D82B1C03D1D8C13B98F25694A675D79D0D9224D28B089390399A888C3651B9676
WindowsServer2003-KB3045999-x86-ITA.exe62A60D435D4E19FE8757D6D0484E1B4831983559124F08156E9F20DAA4CD47644CE107605559B12360146D7AB310E704F232621D
WindowsServer2003-KB3045999-x86-JPN.exe27BBF9919BDBA786B073223B7A22957D74C37E45B491DE19A69E1931430FDE37EE53B3E0FCE663A0371D5C2D752EC82BE8BEBF96
WindowsServer2003-KB3045999-x86-KOR.exeE2F0CECAA2FF618FB2660F6B60D7D0F67DB5FB1C95DDB3B6FDE48D2934E234EE37A5923DFEF15CC996149E29A5B0A7F184DF35EE
WindowsServer2003-KB3045999-x86-NLD.exe85374E47286BB075B4B878A8002349D27AA698F532C51E22F60AD14C2C994A45742B858EF73BCEF3E16AF192770E58AB48C2C72D
WindowsServer2003-KB3045999-x86-PLK.exeDFA26FE8A9FF8122DCBCA74DC62043D363994E91E86B1A0748FEAA6F96F16C548C44125AE063BE8BA364F4315756C48E71CBF5EC
WindowsServer2003-KB3045999-x86-PTB.exeFD5070762E72957930986534CE17A04308A5E3C50DDAD7B8F69E28631847788F44F0EF5DF01095A922328F7A300744796992E6A0
WindowsServer2003-KB3045999-x86-PTG.exe2596ED0E3845A2C59F4118990E46E14610B0547D5A672687C4FD50BBC5CE036AA7011ACE2CF2586AB66EC1CFC35B3D6D44F05717
WindowsServer2003-KB3045999-x86-RUS.exeD166B79F3BF7E4ECCD239297E4833A0D8957D6EC9B52D608998133204DD97BF8D6A04B6A6CFF77FF4613D9DAF48B59A8BA46F67D
WindowsServer2003-KB3045999-x86-SVE.exe8DF4FD9867FD2BBF632E1C2161AEF15362C9F20880C8B3A236E05EB4206D1B097592B82C3C80346ABDD58781989D7156E5FFB67E
WindowsServer2003-KB3045999-x86-TRK.exe21A5D65AD34110E36EB0AC13FC0DAC43D6EFB13FD63F319F13C9046E3C6A0D05A37CF17312936E2F943C579A45AD2C83E2186BAF

↑ Back to the top


Applies to:

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info
Article ID : 3049576
Revision : 1
Created on : 1/7/2017
Published on : 4/14/2015
Exists online : False
Views : 285