Summary

This security update resolves a vulnerability in the VBScript scripting engine in Windows. The vulnerability could allow remote code execution if a user goes to a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, could view, change, or delete data, or could create new accounts that have full user rights.

To learn more about the vulnerability, see Microsoft Security Bulletin MS15-066.

More Information

Important If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

More information about this security update


The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.

  • 3068364 MS15-066: Description of the security update for the VBScript 5.8 scripting engine: July 14, 2015

  • 3068368 MS15-066: Description of the security update for the VBScript 5.7 scripting engine: July 14, 2015

  • 3068404 MS15-066: Description of the security update for the VBScript 5.6 scripting engine: July 14, 2015

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see
Get security updates automatically.

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS15-066 that corresponds to the version of Windows that you are running.



More Information

Windows Server 2003 (all editions)Reference table

The following table contains the security update information for this software.

Security update file names

For VBScript 5.6 on all supported 32-bit editions of Windows Server 2003:
WindowsServer2003-KB3068404-x86-ENU.exe

For VBScript 5.6 on all supported x64-based editions of Windows Server 2003:
WindowsServer2003-KB3068404-x64-ENU.exe

For VBScript 5.6 on all supported Itanium-based editions of Windows Server 2003:
WindowsServer2003-KB3068404-ia64-ENU.exe

For VBScript 5.7 on all supported 32-bit editions of Windows Server 2003:
WindowsServer2003-KB3068368-x86-ENU.exe

For VBScript 5.7 on all supported x64-based editions of Windows Server 2003:
WindowsServer2003-KB3068368-x64-ENU.exe

For VBScript 5.7 on all supported Itanium-based editions of Windows Server 2003:
WindowsServer2003-KB3068368-ia64-ENU.exe

Installation switches

See Microsoft Knowledge Base Article 262841

Update log file

For VBScript 5.6 on all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003:
KB3068404.log

For VBScript 5.7 on all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003:
KB3068368.log

Restart requirement

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

Removal information

For VBScript 5.6 on all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003:
Use the Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the Use the Spuninst.exe utility, located in the %Windir%\$NTUninstallKB3068404$\Spuninst folder

For VBScript 5.7 on all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003:
Use the Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB3068368$\Spuninst folder

File information

See the related Knowledge Base article that is listed in the Additional information about this security update section.

Registry key verification

For VBScript 5.6 on all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3068404\Filelist

For VBScript 5.7 on all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3068368\Filelist

Windows Vista (all editions)Reference table

The following table contains the security update information for this software.

Security update file names

For VBScript 5.7 on all supported 32-bit editions of Windows Vista:
Windows6.0-KB3068368-x86.msu

For VBScript 5.7 on all supported x64-based editions of Windows Vista:
Windows6.0-KB3068368-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

Removal information

WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

File information

See the related Knowledge Base article that is listed in the Additional information about this security update section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)Reference table

The following table contains the security update information for this software.

Security update file names

For VBScript 5.7 on all supported 32-bit editions of Windows Server 2008:
Windows6.0-KB3068368-x86.msu

For VBScript 5.7 on all supported x64-based editions of Windows Server 2008:
Windows6.0-KB3068368-x64.msu

For VBScript 5.7 on all supported Itanium-based editions of Windows Server 2008:
Windows6.0-KB3068368-ia64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

Removal information

WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

File information

See the related Knowledge Base article that is listed in the Additional information about this security update section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)Reference table

The following table contains the security update information for this software.

Security update file name

For VBScript 5.8 on all supported Server Core installations of x64-based editions of Windows Server 2008 R2 only:
Windows6.1-KB3068364-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

Removal information

To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.

File information

See the related Knowledge Base article that is listed in the Additional information about this security update section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.


File name

SHA1 hash

SHA256 hash

Windows6.0-KB3068368-ia64.msu

BEDAB5A675F07E529B68411FA3A25F501D640739

0F70C879C8987D2BD7208187155A82C3F068FCBD6B778E5E63BBE875A75D39D4

Windows6.0-KB3068368-x64.msu

789BBCA725E435C12E181490BD86C9D683852699

1F6C3FF569BBA08D3735F3CA3ABE2A121A78C27221037E0A39DD69EACF9B5242

Windows6.0-KB3068368-x86.msu

DA4B0DA9DEFC96729FF9770094DABD254CD2AD50

6987D8686EF66F7BF912057E27B06119380CD7EECC4A5C42D8C42360A8E6138A

Windows6.1-KB3068364-x64.msu

1F263D3A429F0FD696A0EC1AFE79E635CFDD449E

0B3BE4B72868078929D3E68EFA2504408B27E7E37843946A86E26593896F83F0

WindowsServer2003-KB3068368-ia64-DEU.exe

442ECF3D9D89BE4CF56516777EA4C4796D0A7D0F

CEF70BDF33B009B4ACFC014F3C45BA7DB0CF359766F3646863F4252CB4211802

WindowsServer2003-KB3068368-ia64-ENU.exe

14E9048B725E9C1CFD79C7AD362500BA4FEC4B36

8F847E2870FC3266ABCFAAE1641DEA0850AFB5B810A5EB6D8587237B87B3EC39

WindowsServer2003-KB3068368-ia64-FRA.exe

D24EAF247A3D203AE44F4E3DF1A634F64A748CB1

D75E14778E26A28D67DD8F1650FB26E4826D61B582ADA08151BE0158C6C18346

WindowsServer2003-KB3068368-ia64-JPN.exe

DC67A526DAE179CCC56B53ACFF19B57CCACB9D54

9937DB0FEEFB6A68C3489C32820A6C8422AD4AA268FD3FDA5088E5FACCF66CAA

WindowsServer2003-KB3068368-x64-CHS.exe

CF45ECC83E0552739803C43C62203B6124B668E7

7F25A0A5E0E95B9FB45EB1121FEEA7D2E6793EC7DFF029BED322D507E1E397B7

WindowsServer2003-KB3068368-x64-CHT.exe

3BFC0B8879810A1DB6CA5A39092066BE35A27C9B

713E4FCD890E7DDA5DB51899E084AE6CAC8D332F7D29F16473F63292B14F2162

WindowsServer2003-KB3068368-x64-DEU.exe

8C3B92213308A416F2A37313E7876E5A6AF18DB8

A5ACD61388F960A7C85E652E97C58212DE2505F529BF7934E4CFB34AD55DC016

WindowsServer2003-KB3068368-x64-ENU.exe

375851F9176B248CE63ECD67F658D031318CBB6D

1DB637185E84F82532B7DD79DC19F0BBFD73F3CA2F25B56F22BCBBBC58627A22

WindowsServer2003-KB3068368-x64-ESN.exe

A2BA8BD722E6D5762CD814AFE158E14FA9224BD3

EFA250807EE16CD6EB8A59693FE3320DAA1666981EEA66F2701150EC9078A2E8

WindowsServer2003-KB3068368-x64-FRA.exe

5FC838D793352ED6C78EE20C80330861D3BBCDA5

C27BDD019B66F2D7A4A41A34412B56B941F13EAAFADAE07E562AD9451006B993

WindowsServer2003-KB3068368-x64-ITA.exe

6AFBB5F4CA7D2004F4195DCFE2B5B7CC31047A77

3A4236D10FDB80E30DDBBF8A20C6D1232217C16C3E96AC0DBF34C431FBF45FA3

WindowsServer2003-KB3068368-x64-JPN.exe

20D178D2DCEB391A69165F87FD15218A5D97D472

26190755690711489864E80671E03B64DFD8566E6FD63F86A3BBBC103BBD144A

WindowsServer2003-KB3068368-x64-KOR.exe

877A37B8907DDBB10DA98320D6EE1BFD15316E83

5C4C9DF9D56AAC9BD0858CE93ADF821837C8A21F0E16FF33214BE6B352740827

WindowsServer2003-KB3068368-x64-PTB.exe

5C0DF5124F52041CD9EF18CB3985B21AC0275BC6

C01108C93E75A53B34CE5C1498EFAB1C9891888295EF4EBEBCCB72F0A7EF6333

WindowsServer2003-KB3068368-x64-RUS.exe

69022C62EE757B09A69C8D105D446D17BF302130

28964FB83CAB48D471F69A9CB84BBB793194A9251A74934E069E3E3EFD132713

WindowsServer2003-KB3068368-x86-CHS.exe

01D0FF82D6F0AED426302954D7BD28C5032429C1

90B8F804AAB2896960FF7B053E8FED0C7DC4793EF0870343852F13A3857FDCB5

WindowsServer2003-KB3068368-x86-CHT.exe

8D4E6B1F38B069FB4CE7E7255686066F39E2F1F5

73F0EE21EF513F860CC5C5448C36A036A8BFF2782E1A8FB2EB404882C9AC0B02

WindowsServer2003-KB3068368-x86-CSY.exe

1A1F56579689389C82F1EEEE40CC6A51C178E6EF

3F07BC8B089E20C5EC7F655B100244D1DA8DAEC7FA1F2E6FE475A1390DBBB1F9

WindowsServer2003-KB3068368-x86-DEU.exe

AB2365C66F54ADEF53E9F01A54BE94420B914509

03D8D63AF994ABE6B1DE00C6C43450D6D87AF92C17D9F188C1A2A9BEB172C253

WindowsServer2003-KB3068368-x86-ENU.exe

EFFF7AB15FF3C8CBFD299F5D6C32D647A37F60C5

FD7B1E7D94003F9822AAFED185E64E341D3E3A841C1CF961A5774BD8ABDC0D93

WindowsServer2003-KB3068368-x86-ESN.exe

CA86274692684F7F8B957022FEF6009893E2BFFD

6F4BE5F7B47CD66E7EF57FB58FBA92882619F89E7330357197837C4782517CDE

WindowsServer2003-KB3068368-x86-FRA.exe

7C8F29B71987CF17D1201060161360287E9D6F57

ED6E0AF3D239CCA77353E42648368DECFBEB11B0C911793008897B0625BF868F

WindowsServer2003-KB3068368-x86-HUN.exe

D92F84371E2C7FFFE71FD5D1ADB024095CBEC813

13167F7061A29EFE67595D48E05512B3ADAEEA59AAC3D3E73D0BBE09AFBB63D3

WindowsServer2003-KB3068368-x86-ITA.exe

A0830FF0D8ABB5B6FF9838622DE3B14C869BCF61

EB5DBF028FCE05C9D56183E08DC5916EB2E21BE426CF2E4AC94F98AE7BCB0EA9

WindowsServer2003-KB3068368-x86-JPN.exe

9B05B42DAC70EBBF571C1AF0114BB511C2D773EF

133C06880689750F79E48C69E54381AED64C3ECC6E183F64BA7CE9E9F8B120C5

WindowsServer2003-KB3068368-x86-KOR.exe

3F5AA9CAF9560F61184A472555E0AC5F055E9FD4

D28F17CA39AC37237E129E0C43E14AA1F78E7F91343991D3C41F49F3D433EFEE

WindowsServer2003-KB3068368-x86-NLD.exe

B0E5D6D0FDBF7B26D82DF784C35FAD13E342F8B3

FDE46468B1E6AC9EA5B1FC2893C266F8D504DCFAE3EBB4E0DEB6D84374EE7780

WindowsServer2003-KB3068368-x86-PLK.exe

688CC5A0CBE381A704105681D11296B4BF4E236D

56149F71371512A5A2B1BEAA34A401DAA596898DC717C796560214B50FC6FD4D

WindowsServer2003-KB3068368-x86-PTB.exe

CC6A12778BD35FA3572F3E3E320A89840144C9CD

033DE1207A10CD747812F75930F2060A0377BCEA0E3841CD1A970187176551D6

WindowsServer2003-KB3068368-x86-PTG.exe

967B816CC1A793B57F2ADECA78F894ABD0EFDA64

656936340079B5B498604A48D78F37212ADCA3214DF21E443BC08B46A63CC7C1

WindowsServer2003-KB3068368-x86-RUS.exe

2ADE4A9CE386FEA1397375D4301E02B56B2C863C

4F68B0A2C621ED59A8E2FA8B8816D830DA8DC65292C4C1FEBAC09BFC21C18006

WindowsServer2003-KB3068368-x86-SVE.exe

A8675CD2E30B24CAAAFB2226A322EC9EA2974C62

2B6D794C329CC292D8FD1A0563061B880BEBE7E7B7BC20BF83415F352C374245

WindowsServer2003-KB3068368-x86-TRK.exe

BBAB80CB616E659D733DED994DEE6778A4AD43F2

55D881160D124B2FE36599A320F508BD99D844FEB81F39D0C6F50408BEC6ED40

WindowsServer2003-KB3068404-ia64-DEU.exe

60DBEAF07233E694611009957F23F8DB5E87D77F

7EF7B95CA6F71A2705455B6853CA9E8D88956124205B048EC53CFFD3F033EFB5

WindowsServer2003-KB3068404-ia64-ENU.exe

E4661822F2C4DF68573C415F384AF6395F611268

67E83BC0AB7D992EC409FB1079CA643214921B264EDAA2BF0D5DDBA405F8CDFF

WindowsServer2003-KB3068404-ia64-FRA.exe

6929114F2B49F63D9AE81C0E506641B5047DB837

1C120B2543B9EE032CD0921A1AC916215E767B7FBFECF162AF4E82D753762F8D

WindowsServer2003-KB3068404-ia64-JPN.exe

178382A05A0317E48C688BC2E8B48BEE529B2D9E

2CFB4CB82D1CD50E09568CFEA863C55993E435CFF11695C0EC4238D6F4B474CE

WindowsServer2003-KB3068404-x64-CHS.exe

25AEA4AC9307A2BBACE300C58350396957777A17

54A938D9B5D83DE480EEEFF9BA9C924661D6ECA761BF3B53CAE1F0C8F2CF02C5

WindowsServer2003-KB3068404-x64-CHT.exe

118E22F4F9178C317D0696162314ECEF39F0353A

C465AED728237E11215183BA83EDC192F0CB78D3CA4650285CC4E19A4E5C4744

WindowsServer2003-KB3068404-x64-DEU.exe

53E38D9A15A17FE20226B70EBED3288759F5D6D1

F65452C1565B921F2809975A7A63E08E8D74020690BC537BC4A4B781E606FB7E

WindowsServer2003-KB3068404-x64-ENU.exe

CE47BFE3C8110DE02D4090697D56165B862BFCEC

9A09120CE5C69B47CB3E7A957BD45B204AFF86EB399E9375CEA649CB25AE7348

WindowsServer2003-KB3068404-x64-ESN.exe

8EE0D0295235BA3676F9390AB3E294F9C5635A33

0602527D2D976F8862A47D3E7FCF82B5CB8D9B149B6C795475F5506307429612

WindowsServer2003-KB3068404-x64-FRA.exe

21CF2A6EE4AD90AB9197389F2DE614464B8E554D

14048342B2DFA55688ED6433CE5DC4149786CD132FEEAF3B41DC1218616AFF38

WindowsServer2003-KB3068404-x64-ITA.exe

816844CEE763FFB9BCE95107989E9D28CEE78C90

6910ED1D5C05199DAAA9E5E47C1B03DA0A4AC1A79E7F7A0F3664AB406EA2DAD3

WindowsServer2003-KB3068404-x64-JPN.exe

32AF99EE912EA2C22E1CB5D809A2B3E38D723F8C

8DC212B72AB7826D5E88B2D1C9BB1FF2647E5C86B510DB6E334C4E60754D6755

WindowsServer2003-KB3068404-x64-KOR.exe

0A044C041CFBBFAB2C04C1241E262F8E495AEB6C

4E5E19637A0A7772CFF2EFBFD622983683AC091795BC5C97B06781829F0744D2

WindowsServer2003-KB3068404-x64-PTB.exe

B7973D7865D0903232AAD09C3DC74AC6CDC766C0

25FB4B598465B0EFBB6D602162680C7ACFD0F33B267485374A10DCD713731696

WindowsServer2003-KB3068404-x64-RUS.exe

E29F470D5DDEB247C60AF165343A8B123C6A89E2

DDA7F030240ED42BDBCFE16F661B5A8795A01A80AA5F4DC47D33F671FFEAE389

WindowsServer2003-KB3068404-x86-CHS.exe

0A2D2D5EA4A5F378D3EF2496D03E19CC423F0A03

A25234F6C88C79F38CB53F167026534B831B941F4234A381D677D2F6101F40AB

WindowsServer2003-KB3068404-x86-CHT.exe

F623FC4E709CFD9B56349DD223DA75C2348F3700

51CCC95AD8731EC56D74488C77AF6F91C379FF0D9447F28FB8F4C88651F9DA9C

WindowsServer2003-KB3068404-x86-CSY.exe

7F5DAB5A5BF738E313D16DE414D13152F6CF9FFF

A76D6FEF9F39BB9EB078F6C2D67F6A659B627506574E5A5E65CCF05586C00336

WindowsServer2003-KB3068404-x86-DEU.exe

5AB8C7810FF4CFF7A7F11BA8ADDCC27ABDD01EA8

D107E19B82FEBE846187FE747C6288E63F3A5085DD21B1D5389DCC6D76ED3036

WindowsServer2003-KB3068404-x86-ENU.exe

166055E49A8355B81E309FCCE96EF13BF80B5CF6

22496B63B13566B45E2EEEABD78F434190BBF175A21889844DCEF91BD79AF3B7

WindowsServer2003-KB3068404-x86-ESN.exe

F62CF1569A031FFD53AE7F7FD828D1E5B8944A3B

6B4CEC6F524338D9CF2A1EFC384CABD3C1FF15908A36D9F613B12F7532312669

WindowsServer2003-KB3068404-x86-FRA.exe

0EC2405C43B20249E9F03FFE611A2C798FFED093

6060E9989A0CB3703DD4892F172C2D69643213BF34C90CFCFA81AAEF96E949DC

WindowsServer2003-KB3068404-x86-HUN.exe

A45C498247E6FAB9B9FB0424069C17837E7E0412

A3B2AF723552F79E848F4EF3E557D75B9B03400F77D6B5FCFDD433812F641AFC

WindowsServer2003-KB3068404-x86-ITA.exe

9AC2E8592F3D700C67D63C9C2A9EE0BE47980F29

C9CE475E1674A9B9B81E961E141D5CC2934FA15F88CCF9B9B799CC620B6484DE

WindowsServer2003-KB3068404-x86-JPN.exe

E32A2D39CB3A63469940E125F0E1DE4C774F42B1

91707068363A74EEA02FE794F8375AE2579365E6E534E6C960F4F5602A8365FC

WindowsServer2003-KB3068404-x86-KOR.exe

057D9B60E69AC44675038006032B997D326D995D

18BB6BA52845DA4C9F3E3474AD4230090B01CCD1C510E6DAECACCDF73937029B

WindowsServer2003-KB3068404-x86-NLD.exe

8C61979E9F201C6E3447C6A4468515E7067BF8B7

1CDA3AE85FFE8ECFBFC34DD4DA9456E80AAA5D517CFB8AB788350F6C4C6B882A

WindowsServer2003-KB3068404-x86-PLK.exe

003022B94D13A104A7161F5BDA94CF2D55DD933F

3CE6550D1AB340B61D045AC6EA02E66AFE31A1D36D1A1E2D7D644700D1F8C691

WindowsServer2003-KB3068404-x86-PTB.exe

CECBDF44631CE8CB512F3362A086909ABE69AFC5

77A26C2D725A0200CBD0352773C18C33BD5A3362FF115F8700A5F19EF505C419

WindowsServer2003-KB3068404-x86-PTG.exe

8352AE508D55D8F4258023A587C8DD6175B866DA

1CABA167559C047A762461998A41E152F8B361868AC23628C9FB1582950D8A1A

WindowsServer2003-KB3068404-x86-RUS.exe

BD7C19E80734BB1A69BA3B6F399AAB7E56CC82C8

9E107B0887DEE8E272E20662A59426E311070140F6929CEF24D17E71C3DEE0FC

WindowsServer2003-KB3068404-x86-SVE.exe

3A9BDBEE7184CE6E49E390638D8CBD9A9513B63D

9F7A5178B9D6BE781D1BF02183AD1CE4F5BF3AA659BDA995FED765D70A34EE4D

WindowsServer2003-KB3068404-x86-TRK.exe

5D2FDEA2B2B0C876792BED191250A853599F9B26

999AE642D069AA92981D33AC5328391640CCDB88FE313CCC278F9C3ACC5579FD


Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×