MS15-038: Description of the security update for Windows: April 14, 2015

Summary

This security update resolves vulnerabilities in Windows. These vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. To exploit the vulnerabilities, an attacker would first have to log on to the system. This security update addresses the vulnerabilities by correcting how Windows validates impersonation events. To learn more about the vulnerabilities, see Microsoft Security Bulletin MS15-038.

To resolve the vulnerabilities, you may need to apply multiple updates depending on the version of Windows you are running, see the following table for more information:
Windows versionUpdates to install
Windows Server 2003 R2 SP23045685
Windows Vista SP2, Windows Server 2008 SP2
Windows 7 SP1, Windows Server 2008 R2 SP1
Windows 8, Windows RT, Windows Server 2012
Windows 8.1, Windows RT 8.1, Windows Server 2012 R2
3045685 and
3045999

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Note For Windows RT and Windows RT 8.1, this update is available through Windows Update only.
Method 2: Microsoft Download Center

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base Article 3049576.

File information
How to obtain help and support for this security update
Properties

Article ID: 3045685 - Last Review: Jul 7, 2015 - Revision: 1

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1, Windows Server 2012 Datacenter, Windows Server 2012 Datacenter, Windows Server 2012 Datacenter, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Standard, Windows Server 2012 Standard, Windows Server 2012 Standard, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows Server 2012 Foundation, Windows Server 2012 Foundation, Windows Server 2012 Foundation, Windows 8 Enterprise, Windows 8 Pro, Windows 8, Windows RT, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Datacenter, Windows Server 2008 R2 Enterprise, Windows Server 2008 R2 Standard, Windows Web Server 2008 R2, Windows Server 2008 R2 Foundation, Windows 7 Service Pack 1, Windows 7 Ultimate, Windows 7 Enterprise, Windows 7 Professional, Windows 7 Home Premium, Windows 7 Home Basic, Windows 7 Starter, Windows Server 2008 Service Pack 2, Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Web Server 2008, Windows Server 2008 Foundation, Windows Server 2008 for Itanium-Based Systems, Windows Vista Service Pack 2, Windows Vista Ultimate, Windows Vista Enterprise, Windows Vista Business, Windows Vista Home Premium, Windows Vista Home Basic, Windows Vista Starter, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86), Microsoft Windows Server 2003 R2 Datacenter x64 Edition, Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86), Microsoft Windows Server 2003 R2 Enterprise x64 Edition, Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86), Microsoft Windows Server 2003 R2 Standard x64 Edition

Feedback