MS15-008: Vulnerability in Windows kernel mode driver could allow elevation of privilege: January 13, 2015

Applies to: Windows Server 2012 R2 DatacenterWindows Server 2012 R2 StandardWindows Server 2012 R2 Essentials More

Summary


This security update resolves one privately reported vulnerability in Windows. This vulnerability could allow elevation of privileges if an attacker runs a specially crafted application on an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

Introduction


Microsoft has released security bulletin MS15-008. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security support and troubleshooting

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International support

Important

  • All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

More Information


Systems that are running Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 are affected only if the Desktop Experience feature is installed. These systems will not be offered the update if the Desktop Experience feature is not installed.

File information


The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.