MS15-035: Vulnerability in Microsoft graphics component could allow remote code execution: April 14, 2015

Applies to: Windows 7 Service Pack 1Windows 7 UltimateWindows 7 Enterprise


This security update resolves a vulnerability in Windows that could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website, open a specially crafted file, or browse to a working directory that contains a specially crafted Enhanced Metafile (EMF) image file. However, in every case an attacker would have no way to force users to take such actions. An attacker would have to convince users to do this. Typically, the attacker would do this by using enticements in email or instant messaging (IM) messages.

To learn more about this vulnerability, see Microsoft Security Bulletin MS15-035.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, the update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.