MS15-037: Vulnerability in Windows Task Scheduler could allow elevation of privilege: April 14, 2015

Applies to: Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 DatacenterWindows Server 2008 R2 Enterprise More


This security update resolves a vulnerability in Microsoft Windows. An attacker who successfully exploited the vulnerability could take advantage of a known invalid task to cause Task Scheduler to run a specially crafted application in the context of the System account. An attacker could then do the following: 
  • Install programs
  • View, change, or delete data
  • Create new accounts that have full user rights 


Microsoft has released security bulletin MS15-037. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information