MS15-020: Vulnerabilities in Windows could allow remote code execution: March 10, 2015

Applies to: Windows Server 2012 R2 DatacenterWindows Server 2012 R2 StandardWindows Server 2012 R2 Essentials More

Summary


This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website, open a specially crafted file, or open a file in a working directory that contains a specially crafted DLL file.

Introduction


Microsoft has released security bulletin MS15-020. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information


Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.
  • 3033889 MS15-020: Description of the security update for Windows text services: March 10, 2015
    Known issues in security update 3033889:

    • After installing this security update, some systems that use the Japanese IME may become unresponsive. Also, Windows Explorer may crash.
      Microsoft is researching this problem and will post more information in this article when the information becomes available.
  • 3039066 MS15-020: Description of the security update for Windows shell: March 10, 2015
  • File information