MS15-020: Description of the security update for Windows shell: March 10, 2015

Applies to: Windows Server 2012 R2 DatacenterWindows Server 2012 R2 StandardWindows Server 2012 R2 Essentials


This security update resolves a vulnerability in Windows. This vulnerability could allow remote code execution if an attacker successfully convinces a user to open a file in a working directory that contains a specially crafted DLL file. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-020.

Note The updates are available for Windows Technical Preview and Windows Server Technical Preview. Customers who are running these operating systems are encouraged to apply the updates. These updates are available through Windows Update.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Note For Windows RT and Windows RT 8.1, this update is available through Windows Update only.