MS15-071: Vulnerability in Netlogon could allow elevation of privilege: July 14, 2015

Applies to: Windows Server 2012 R2 DatacenterWindows Server 2012 R2 StandardWindows Server 2012 R2 Essentials


This security update resolves a vulnerability in Windows that could allow elevation of privilege if an attacker who has access to a primary domain controller (PDC) on a target network runs a specially crafted application to establish a secure channel to the PDC as a backup domain controller (BDC). To learn more about the vulnerability, see Microsoft Security Bulletin MS15-071.

More Information

  • All future security and nonsecurity updates for Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Known issues in this security update

  • This update includes the changes that originally shipped as part of security update 3002657 (MS15-027). Therefore, computers that install this security update are subject to the information in the “known issues with this security update” section of 3002657. Similarly, future versions of packages based on security updates 3002657 and 3068457 will inherit issues from dependent packages.

    For the latest status of an issue related to EMC Isilon OneFS, see Technical and Security Advisories for Isilon OneFS.

    The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see
Get security updates automatically.