Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-038: Vulnerabilities in Windows could allow elevation of privilege: April 14, 2015

View products that this article applies to.

Summary

This security update resolves vulnerabilities in Windows. These vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. To exploit these vulnerabilities, an attacker would first have to log on to the system. The security update addresses the vulnerabilities by correcting how Windows validates impersonation events. For more information about the vulnerabilities, see the "More Information" section.

↑ Back to the top

Introduction

Microsoft has released security bulletin MS15-038. To learn more about this security bulletin:

Home users:
https://www.microsoft.com/security/pc-security/updates.aspx
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
https://update.microsoft.com/microsoftupdate/
IT professionals:
https://technet.microsoft.com/library/security/MS15-038

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top

More Information

Known issues and more information about this security update

The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.

3045685 MS15-038: Description of the security update for Windows April 14, 2015
3045999 MS15-038: Description of the security update for Windows April 14, 2015

Security update deployment information

Windows Server 2003 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2003: WindowsServer2003-KB3045685-x86-ENU.exe WindowsServer2003-KB3045999-x86-ENU.exe
	For all supported x64-based editions of Windows Server 2003: WindowsServer2003-KB3045685-x64-ENU.exe WindowsServer2003-KB3045999-x64-ENU.exe
	For all supported Itanium-based editions of Windows Server 2003: WindowsServer2003-KB3045685-ia64-ENU.exe WindowsServer2003-KB3045999-ia64-ENU.exe
Installation switches	See Microsoft Knowledge Base Article 934307
Update Log File	KB3045685.log KB3045999.log
Restart requirement	You must restart your system after you apply this security update.
Removal information	Use the Add or Remove Programs item in Control Panel or the Spuninst.exe utility that is located in the %Windir%\$NTUninstallKB3045685$\Spuninst folder. Use the Add or Remove Programs item in Control Panel or the Spuninst.exe that is utility located in the %Windir%\$NTUninstallKB3045999$\Spuninst folder
File information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999
Registry key verification	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3045685\Filelist HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3045999\Filelist

Windows Vista (all editions)

Reference table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Vista: Windows6.0-KB3045685-x86.msu Windows6.0-KB3045999-x86.msu
	For all supported x64-based editions of Windows Vista: Windows6.0-KB3045685-x64.msu Windows6.0-KB3045999-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	You must restart your system after you apply this security update.
Removal information	WUSA.exe does not support the removal of updates. To uninstall an update that was installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates.
File information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2008: Windows6.0-KB3045685-x86.msu Windows6.0-KB3045999-x86.msu
	For all supported x64-based editions of Windows Server 2008: Windows6.0-KB3045685-x64.msu Windows6.0-KB3045999-x64.msu
	For all supported Itanium-based editions of Windows Server 2008: Windows6.0-KB3045685-ia64.msu Windows6.0-KB3045999-ia64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	You must restart your system after you apply this security update.
Removal information	WUSA.exe does not support the removal of updates. To uninstall an update that was installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates.
File information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 7: Windows6.1-KB3045685-x86.msu Windows6.1-KB3045999-x86.msu
	For all supported x64-based editions of Windows 7: Windows6.1-KB3045685-x64.msu Windows6.1-KB3045999-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	You must restart your system after you apply this security update.
Removal information	To uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For all supported x64-based editions of Windows Server 2008 R2: Windows6.1-KB3045685-x64.msu Windows6.1-KB3045999-x64.msu
	For all supported Itanium-based editions of Windows Server 2008 R2: Windows6.1-KB3045685-ia64.msu Windows6.1-KB3045999-ia64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	You must restart your system after you apply this security update.
Removal information	To uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 8: Windows8-RT-KB3045685-x86.msu Windows8-RT-KB3045999-x86.msu
	For all supported x64-based editions of Windows 8: Windows8-RT-KB3045685-x64.msu Windows8-RT-KB3045999-x64.msu
	For all supported 32-bit editions of Windows 8.1: Windows8.1-KB3045685-x86.msu Windows8.1-KB3045999-x86.msu
	For all supported x64-based editions of Windows 8.1: Windows8.1-KB3045685-x64.msu Windows8.1-KB3045999-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates, and select from the list of updates.
File information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For all supported editions of Windows Server 2012: Windows8-RT-KB3045685-x64.msu Windows8-RT-KB3045999-x64.msu
	For all supported editions of Windows Server 2012 R2: Windows8.1-KB3045685-x64.msu Windows8.1-KB3045999-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	You must restart your system after you apply this security update.
Removal information	To uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates, and select from the list of updates.
File information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference table

The following table contains the security update information for this software.

Deployment	These updates are available through Windows Update only.
Restart Requirement	Yes, you must restart your system after you apply this security update.
Removal Information	Click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates, and select from the list of updates.
File Information	See Microsoft Knowledge Base Article 3045685 See Microsoft Knowledge Base Article 3045999

↑ Back to the top

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

File hash information

Package name	Package Hash SHA1	Package Hash SHA2
Windows10.0-KB3045685-x64.msu	931D749E60883C1C03348EDB6F0FF5BC9268FE3C	6DE58473393C9037CB8DB713F6CCAFC583A30B3BBCFFDA39AD88C9135582EF3B
Windows10.0-KB3045685-x86.msu	B5E163493C58A8DD73269C06E2D45DFF7A2E6F18	1C8C67DCA56FC8C3C854EE925789AE60FF7C81F49D9F1B89B95343FE80DB4E78
Windows6.0-KB3045685-ia64.msu	F02C08B343D27261CB9B61C8A012A628C0C297C4	4DD8D35677AA14EB9E57C01465D22A82527490D470135224A23F5E33786E921C
Windows6.0-KB3045685-x64.msu	E01B78A19253A159E75A7434A19CFBA053B9E6AC	3F734FE8ED357AF897DF50A070997264C0E04BA8C9B8DD84175F56C82E179FE3
Windows6.0-KB3045685-x86.msu	376651B0D6E1EB5816A09B1D45C3FCA0EC756DC2	9F889230936F6A29FA85D7FA645466C1D968F2B156F38CE057A6362411F6720B
Windows6.0-KB3045999-ia64.msu	2331EE460DCC953BA9197212B4A56A4F0EFE0A96	C102BCB765E6C13ADF66E11A4C397AEC5BBB837D68CAF6460AE0462A8196FC81
Windows6.0-KB3045999-x64.msu	264BF4D2102BDBA0606E57A625C707BC380A3587	C98D5003C2C3D5A26A0F5A6736810FF46B6ECE877EDD059CD7D6E423A43746B4
Windows6.0-KB3045999-x86.msu	C08CC7A04839666CFA3D396229ACDDC4A2D46093	880A3AAE87F6180B98E65B5A3E9BDA02FD5C8476A38010CB2CF1F784FDF8540D
Windows6.1-KB3045685-ia64.msu	03FBA1677949593F188138928F26B8B80C55CAFF	31E3488176AF504C854A22BE65E90D30A97C1B8C842BE864D36F5680DD397D42
Windows6.1-KB3045685-x64.msu	C43565170F9830AAA10A790D0C13122A75E8172C	E12963531A4CDA3C9DCF0E9CEEC5A5E3ABB1566DD9CD63F7E691713826E79EB7
Windows6.1-KB3045685-x86.msu	4FD2C3120125222145ADFF12D4C3D5D4966C28B2	43382B381CD045EFD32AB07B4E6A0E3BE0993DCEEF054C1053B73A3482910538
Windows6.1-KB3045999-ia64.msu	CDD6D9E7164E29A1CA81A3DD9146945A855EBA23	806C15BE47FDFD96301B2422B64ADD7E44F70F578DE925DB47B5DD246EB0433C
Windows6.1-KB3045999-x64.msu	18CCFC0E12B525D2897003C476875579D342D4D6	41975028C08C48EE1486D147098453A4C3D0B46FF9493B0070C09340596F64AE
Windows6.1-KB3045999-x86.msu	C1B3FFE9729705276ABF7D369B81C734E62F5884	F0A2A8C9D3444009E756230A5D4C5770874E6CB3122EBF08EAB1C2FA574F0A32
Windows8.1-KB3045685-x64.msu	E34F6A8551808EEE89B2E4C58388D746CA1FB1EB	3891D796B26765A94A9D2278403AE8E9B4881BB896658A9229CB39C196723B2E
Windows8.1-KB3045685-x86.msu	626BC97F40FB3F4187966064FB85BE2D0A66075F	B4105A72416CD4D2DA5A91F818FEB38806F28EDCCD00F0F45ABE60C7EE5AB742
Windows8.1-KB3045999-x64.msu	24D58EC9A3369BF798CB8353D8D6055107966C06	C11744C3A04CBA2F796E7190EF1F2CC0EAE5D22C048CDFCE5723974B72F30DFE
Windows8.1-KB3045999-x86.msu	B8D8D4498F9265F505F6938ADA99DFCE0ACF0DDC	26308C1F8C427499635215482D97384DC4387C288A88F3D16743D33672D08524
Windows8-RT-KB3045685-x64.msu	6A4A1F930FE66FD4D9AB934A2FEDF65B22CE81E6	8CFEF95C6C74A89DDDF285C5DDA6FD063C051041DDFC16A7699540AEB64E3E72
Windows8-RT-KB3045685-x86.msu	5303C0FB4B695CD5EDABE08B286BA1DDA00C4451	51348A27F63342CBB04F9B31A1D6095A0C234D85214D02A1D1DB63FD245C889C
Windows8-RT-KB3045999-x64.msu	D504BFD4FD6C626B1C45ED6027C03259F85EF229	B2488FDFB11A22C7B0D0E0E1B3B6B05700D418FEA667E280FCA1701897CD8674
Windows8-RT-KB3045999-x86.msu	74F2E8C5F30EBEEF67662A5317220E54A1C4DCA5	79D90D046DB53ADC2E3EB1D2C244903B6E1492048558937A36C3B926A65FE88A
WindowsServer2003-KB3045685-x64-ENU.exe	7035B6F96B9A86E2B746E535A777A9448DA9D691	512791CF4C0231DDD0E54CFF9414DB4309F9C4E0B30D982A909ED3637D14BBCC
WindowsServer2003-KB3045685-x86-ENU.exe	6F64EDE3FA282D20578538041248FA9A8EA4172A	07277EBB4B072574CB07BD307773A98D801917D37C04084ABAFD57AE1A136E72
WindowsServer2003-KB3045999-ia64-DEU.exe	D3F69C1DD8886A22973E0988483E6B18A278B225	8AED9446F2864740D0058498842C420D6B6331D4F61189C570DCE4C5AF8B3D9A
WindowsServer2003-KB3045999-ia64-ENU.exe	D8E0B667F6A3AE81E7E1F669093FB92A3A0F9134	3D0EFECD1E877DA02F1DA26507962B57C0B40CB7CE1FDA945FEE742FD03C2F00
WindowsServer2003-KB3045999-ia64-FRA.exe	E30F03BE70533DF9D73C0328A18AA462F5B5FD7D	3D69883885A280E3B50BEC4293EBE14847D9F5F4717112284DC4C917F0988B64
WindowsServer2003-KB3045999-ia64-JPN.exe	EF705DF76752B4707449C4E5A1D7F04450DB5410	F2DF8A01AA71DB82E2B29285A9988A80BCEF84CE8AC896E868153DD279DB1F8C
WindowsServer2003-KB3045999-x64-CHS.exe	28C7E2816FE751725552998EC3AF3EB8AC6BE4C6	E4C7D21FC311CBA1305731610346851E04C9E052E6CF81DA8F330A5EF060C6F7
WindowsServer2003-KB3045999-x64-CHT.exe	33B194E8C474A98EF1607BF6ED5CA845F406937B	8C473B4681213D75C1913F192EC93E123D7EEDE696A1A3D7EF109C80DEBEDEBC
WindowsServer2003-KB3045999-x64-DEU.exe	0A90711D28EB6E1F3C8BAFF2C1BA826C29668E75	C8A5983D9E6F0F616EAAA9D98BB242193549117D7A3620D08FB393C72020DACE
WindowsServer2003-KB3045999-x64-ENU.exe	54E8C58006C37C5B968A7286F5DC4720B5D65C37	19FD204DA6BE6281A8B8BE57836B11E43A9491A6B34829E8EE7B8C070D6E1194
WindowsServer2003-KB3045999-x64-ESN.exe	AEF20645FB46F5552C6E025BB3B5DD8DDB80225D	45914A1A77751DA461391440225F4B107B0B946278F4CAF7325E1468619EAB80
WindowsServer2003-KB3045999-x64-FRA.exe	06071ACE70E3395E025DB3FBBF6B6F8ABBF15A88	B96017E56F9E335F076B323181C1CFD98D315AD21E97B18B955392F62BFD88D9
WindowsServer2003-KB3045999-x64-ITA.exe	2497972A041B0EB2E9B15F5115408F44E62C2263	ABC9937702541DD0F34C45CB1998E679BD215B49FE49C9EE7C31B67F8EE290A7
WindowsServer2003-KB3045999-x64-JPN.exe	4F29C518875799E93598811B8F5DDFF81EBA53D9	DD18D54579960C1A20668D12E86451A5D4811F6EEA399273B27519CDBE34ED0B
WindowsServer2003-KB3045999-x64-KOR.exe	AEF8810FBE86D2E34326C1D5B740DD4B73DCEB95	7D88FDF5C71F9DE7821C6C482D20FCFDD264D1A158BDDF64B86AEFCAC72CEB5D
WindowsServer2003-KB3045999-x64-PTB.exe	B95FEC93A01CC601EC200706BDEA4146A6AF0539	A02268BEAA6642E5CEDCDD7D450903FA4186CB10EF025A4A28ED006AF3D1BAEB
WindowsServer2003-KB3045999-x64-RUS.exe	9932200211E87D03F4CC970A03A33F52E51A36C9	84A52E3B0E1A3E4C06F27F90D22B97A1D16C51DE7379B430708936C45F1FC51F
WindowsServer2003-KB3045999-x86-CHS.exe	EE57245890B187F966AEA8AB04347375B03CB4CB	BFCA7652C480C6C22E652CD0993B1AB8685583174375DF099A5FF600144CD7C0
WindowsServer2003-KB3045999-x86-CHT.exe	EF8EC040CB21AA96E7897A877CB696FE5522DD7C	70E2B50D9661D5BA92C4E6D72E4AD1756A7261B878EA3C341B2DF3BB52D5A99D
WindowsServer2003-KB3045999-x86-CSY.exe	1A8E21F9B70EC1EAE857B8DACE3C486A19ACF633	29C9BB14E8E84BEAF25D732FDBBF84C0497F62C39BBF408A1314448CA711D8DE
WindowsServer2003-KB3045999-x86-DEU.exe	67B84D6C619A06260CC7B4E64A32BDC6D38F9024	C75EAE0775D0389F6F1749FA7B7A47720CAF9A57623C2594273235073D67C008
WindowsServer2003-KB3045999-x86-ENU.exe	C4D12A0867963ABD74CAC8E6C8F2F57CB8B019CC	9CE2E0B9C531B9A76C06D44F5ECAABEA3A1C4FA52198BCD890F8E0ACF0CF1BEA
WindowsServer2003-KB3045999-x86-ESN.exe	4222324038010C5792A11C21A7F6F10A0D3DDD0F	09D6DE8F4E0896A438EB450EEBA3DB67991A5A5E18454B409EADB218ED1F064C
WindowsServer2003-KB3045999-x86-FRA.exe	8596A6B2915CD76963118EB27F73D80BDFFA3C28	F84577DDF4577191B1F8AB72B0B3077D84EF809CF79A101D8B12967D5AA0449C
WindowsServer2003-KB3045999-x86-HUN.exe	325AF8F071E9A786D6F0AD7AC3580EC77307108D	82B1C03D1D8C13B98F25694A675D79D0D9224D28B089390399A888C3651B9676
WindowsServer2003-KB3045999-x86-ITA.exe	62A60D435D4E19FE8757D6D0484E1B4831983559	124F08156E9F20DAA4CD47644CE107605559B12360146D7AB310E704F232621D
WindowsServer2003-KB3045999-x86-JPN.exe	27BBF9919BDBA786B073223B7A22957D74C37E45	B491DE19A69E1931430FDE37EE53B3E0FCE663A0371D5C2D752EC82BE8BEBF96
WindowsServer2003-KB3045999-x86-KOR.exe	E2F0CECAA2FF618FB2660F6B60D7D0F67DB5FB1C	95DDB3B6FDE48D2934E234EE37A5923DFEF15CC996149E29A5B0A7F184DF35EE
WindowsServer2003-KB3045999-x86-NLD.exe	85374E47286BB075B4B878A8002349D27AA698F5	32C51E22F60AD14C2C994A45742B858EF73BCEF3E16AF192770E58AB48C2C72D
WindowsServer2003-KB3045999-x86-PLK.exe	DFA26FE8A9FF8122DCBCA74DC62043D363994E91	E86B1A0748FEAA6F96F16C548C44125AE063BE8BA364F4315756C48E71CBF5EC
WindowsServer2003-KB3045999-x86-PTB.exe	FD5070762E72957930986534CE17A04308A5E3C5	0DDAD7B8F69E28631847788F44F0EF5DF01095A922328F7A300744796992E6A0
WindowsServer2003-KB3045999-x86-PTG.exe	2596ED0E3845A2C59F4118990E46E14610B0547D	5A672687C4FD50BBC5CE036AA7011ACE2CF2586AB66EC1CFC35B3D6D44F05717
WindowsServer2003-KB3045999-x86-RUS.exe	D166B79F3BF7E4ECCD239297E4833A0D8957D6EC	9B52D608998133204DD97BF8D6A04B6A6CFF77FF4613D9DAF48B59A8BA46F67D
WindowsServer2003-KB3045999-x86-SVE.exe	8DF4FD9867FD2BBF632E1C2161AEF15362C9F208	80C8B3A236E05EB4206D1B097592B82C3C80346ABDD58781989D7156E5FFB67E
WindowsServer2003-KB3045999-x86-TRK.exe	21A5D65AD34110E36EB0AC13FC0DAC43D6EFB13F	D63F319F13C9046E3C6A0D05A37CF17312936E2F943C579A45AD2C83E2186BAF

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info

Article ID	:	3049576
Revision	:	1
Created on	:	1/7/2017
Published on	:	4/14/2015
Exists online	:	False
Views	:	263