MS15-038: Description of the security update for Windows: April 14, 2015

Applies to: Windows Server 2012 R2 DatacenterWindows Server 2012 R2 StandardWindows Server 2012 R2 Essentials


This security update resolves vulnerabilities in Windows. These vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. To exploit the vulnerabilities, an attacker would first have to log on to the system. This security update addresses the vulnerabilities by correcting how Windows validates impersonation events. To learn more about the vulnerabilities, see Microsoft Security Bulletin MS15-038.

To resolve the vulnerabilities, you may need to apply multiple updates depending on the version of Windows you are running, see the following table for more information:
Windows versionUpdates to install
Windows Server 2003 R2 SP23045685
Windows Vista SP2, Windows Server 2008 SP2
Windows 7 SP1, Windows Server 2008 R2 SP1
Windows 8, Windows RT, Windows Server 2012
Windows 8.1, Windows RT 8.1, Windows Server 2012 R2
3045685 and

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Note For Windows RT and Windows RT 8.1, this update is available through Windows Update only.

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base Article 3049576.