Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-054: Vulnerability in Microsoft Management Console file format could allow denial of service: May 12, 2015

View products that this article applies to.

Summary

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote, unauthenticated attacker convinces a user to open a share that contains a specially crafted .msc file. However, an attacker would have no way of forcing a user to visit the share or view the file.

↑ Back to the top

Introduction

Microsoft has released security bulletin MS15-054. To learn more about this security bulletin:

Home users:
https://www.microsoft.com/security/pc-security/updates.aspx
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
https://update.microsoft.com/microsoftupdate/
IT professionals:
https://technet.microsoft.com/library/security/MS15-054

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top

More Information

Security update deployment information

Windows Vista (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Vista: Windows6.0-KB3051768-x86.msu
	For all supported x64-based editions of Windows Vista: Windows6.0-KB3051768-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	WUSA.exe does not support uninstall of updates. To uninstall an update that is installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and then select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file names	For all supported 32-bit editions of Windows Server 2008: Windows6.0-KB3051768-x86.msu
	For all supported x64-based editions of Windows Server 2008: Windows6.0-KB3051768-x64.msu
	For all supported Itanium-based editions of Windows Server 2008: Windows6.0-KB3051768-ia64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	WUSA.exe does not support uninstall of updates. To uninstall an update that is installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and then select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 7: Windows6.1-KB3051768-x86.msu
	For all supported x64-based editions of Windows 7: Windows6.1-KB3051768-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, and then click System and Security. Under Windows Update, click View installed updates, and then select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported x64-based editions of Windows Server 2008 R2: Windows6.1-KB3051768-x64.msu
	For all supported Itanium-based editions of Windows Server 2008 R2: Windows6.1-KB3051768-ia64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, and then click System and Security. Under Windows Update, click View installed updates, and then select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported 32-bit editions of Windows 8: Windows8-RT-KB3051768-x86.msu
	For all supported x64-based editions of Windows 8: Windows8-RT-KB3051768-x64.msu
	For all supported 32-bit editions of Windows 8.1: Windows8.1-KB3051768-x86.msu
	For all supported x64-based editions of Windows 8.1: Windows8.1-KB3051768-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, and then click Windows Update. Under See also, click Installed updates, and then select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported editions of Windows Server 2012: Windows8-RT-KB3051768-x64.msu
	For all supported editions of Windows Server 2012 R2: Windows8.1-KB3051768-x64.msu
Installation switches	See Microsoft Knowledge Base Article 934307
Restart requirement	Yes, you must restart your system after you apply this security update.
Removal information	To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, and then click Windows Update. Under See also, click Installed updates, and then select from the list of updates.
File information	See the file information section.
Registry key verification	Note A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.

Deployment	These updates are available through Windows Update only.
Restart Requirement	Yes, you must restart your system after you apply this security update.
Removal Information	Click Control Panel, click System and Security, and then click Windows Update. Under See also, click Installed updates, and then select from the list of updates.
File Information	See the file information section.

↑ Back to the top

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Vista and Windows Server 2008 file information

The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

Version Product Milestone Service branch
6.0.6002.18xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 GDR
6.0.6002.23xxx Windows Vista SP2 and Windows Server 2008 SP2 SP2 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.6002.19355	1,686,016	06-Apr-2015	00:57	x86
Comctl32.dll	6.10.6002.23663	1,686,016	06-Apr-2015	00:27	x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.6002.19355	2,050,048	06-Apr-2015	00:36	x64
Comctl32.dll	6.10.6002.23663	2,050,048	06-Apr-2015	00:20	x64
Comctl32.dll	6.10.6002.19355	1,686,016	06-Apr-2015	00:57	x86
Comctl32.dll	6.10.6002.23663	1,686,016	06-Apr-2015	00:27	x86

For all supported IA-64-based versions of Windows Server 2008

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.6002.19355	4,726,272	06-Apr-2015	00:18	IA-64
Comctl32.dll	6.10.6002.23663	4,726,272	05-Apr-2015	23:58	IA-64
Comctl32.dll	6.10.6002.19355	1,686,016	06-Apr-2015	00:57	x86
Comctl32.dll	6.10.6002.23663	1,686,016	06-Apr-2015	00:27	x86

Windows 7 and Windows Server 2008 R2 file information

The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
Version Product Milestone Service branch
6.1.7601.18xxx Windows 7 and Windows Server 2008 R2 SP1 GDR
6.1.7601.22xxx Windows 7 and Windows Server 2008 R2 SP1 LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.7601.18807	1,680,896	30-Mar-2015	03:02	x86
Comctl32.dll	6.10.7601.23011	1,680,896	30-Mar-2015	03:00	x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.7601.18807	2,030,592	30-Mar-2015	03:15	x64
Comctl32.dll	6.10.7601.23011	2,030,592	30-Mar-2015	03:15	x64
Comctl32.dll	6.10.7601.18807	1,680,896	30-Mar-2015	03:02	x86
Comctl32.dll	6.10.7601.23011	1,680,896	30-Mar-2015	03:00	x86

For all supported IA-64-based versions of Windows Server 2008 R2

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.7601.18807	4,762,624	30-Mar-2015	02:14	IA-64
Comctl32.dll	6.10.7601.23011	4,762,624	30-Mar-2015	02:15	IA-64
Comctl32.dll	6.10.7601.18807	1,680,896	30-Mar-2015	03:02	x86
Comctl32.dll	6.10.7601.23011	1,680,896	30-Mar-2015	03:00	x86

Windows 8 and Windows Server 2012 file information

The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

Version Product Milestone Service branch
6.2.920 0.16 xxx Windows 8 and Windows Server 2012 RTM GDR
6.2.920 0.20 xxx Windows 8 and Windows Server 2012 RTM LDR
GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.9200.17321	2,050,048	30-Mar-2015	00:52	x86
Comctl32.dll	6.10.9200.21435	2,046,976	30-Mar-2015	03:08	x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.9200.17321	2,517,504	30-Mar-2015	01:51	x64
Comctl32.dll	6.10.9200.21435	2,512,896	30-Mar-2015	01:24	x64
Comctl32.dll	6.10.9200.17321	2,050,048	30-Mar-2015	00:52	x86
Comctl32.dll	6.10.9200.21435	2,046,976	30-Mar-2015	03:08	x86

Windows 8.1 and Windows Server 2012 R2 file information

For all supported x86-based versions of Windows 8.1

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.9600.17784	2,106,368	27-Mar-2015	03:21	x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File name	File version	File size	Date	Time	Platform
Comctl32.dll	6.10.9600.17784	2,583,040	27-Mar-2015	04:21	x64
Comctl32.dll	6.10.9600.17784	2,106,368	27-Mar-2015	03:21	x86

File hash information

File name	SHA1 hash	SHA256 hash
Windows6.0-KB3051768-ia64.msu	A721E4FEE3337CE8996CBBD75CF4492A024FC10B	B87A02F31079B6CD09EDE92038895922FB62001932BFF2A8B20B60609CB7655D
Windows6.0-KB3051768-x64.msu	A7C7A39E7D0C445492FF4E432F95A5D58ED75040	8B14FC759F06E92B0AF42463698DE3966BAAAC6615787FA7AEEF4B7DC94CD08C
Windows6.0-KB3051768-x86.msu	DACC660C5A964E1731757AB6168D94199CD6E63C	5AF6B620392EBE206865E6B184F751AA0B2336C379523596C38D42498A8BAE84
Windows6.1-KB3051768-ia64.msu	28DFD99D01BE25BD4CBFE42E3B3639C4A70E7B2A	606FE532C45A4D377E1C4F59CE35A2C63BAF39DE74D3C466B58076938E07CC75
Windows6.1-KB3051768-x64.msu	8CF8A28CB94E39C4FC0B5EE4A9889E23257F2B56	BD7D0A2C8E27F723F43907795B9598AF4856972F078D7E583E8EE8BD34595E38
Windows6.1-KB3051768-x86.msu	EF2F5E719AC73630EC28DA21253A68F84F8EFE25	9D3BD7EE8E308D00DD65FF9892782C49C4F217469B06D59953765CE9BC466284
Windows8.1-KB3051768-x64.msu	A9746AD755E76CAA8EE74FB8DEAAE8E7845307CE	1BC8C1A083A9A25C4F4AD11990ABD636EF28FEA6325BC40C0612E2DDC40F2D9D
Windows8.1-KB3051768-x86.msu	A7A5E0DD623EB2CDD628C032DC80941E49F0585D	AE9789E1BF138FCC143A0B44FC1F5543A4131DAF711212B89867B76D98866BBC
Windows8-RT-KB3051768-x64.msu	2262E6450B50AE406B73ABC91AB889451668A0A8	A3EB6FF0F3E5C53CA33C3C9C763C301F8AA4FC1742802033F1D4ADBF1699F194
Windows8-RT-KB3051768-x86.msu	383FB996B99EEA09AD3AF226431072C6B34EEC60	CE0B07084E2231749EA40B087A432DD78088325595C334FE550DA39C5048E04A

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info

Article ID	:	3051768
Revision	:	1
Created on	:	1/7/2017
Published on	:	5/12/2015
Exists online	:	False
Views	:	281