MS15-072: Vulnerability in Windows graphics component could allow elevation of privilege: July 14, 2015

Applies to: Windows Server 2012 R2 DatacenterWindows Server 2012 R2 StandardWindows Server 2012 R2 Essentials


This security update resolves a vulnerability in Windows that could allow elevation of privilege if the Windows graphics component fails to correctly process bitmap conversions. An authenticated attacker who successfully exploited this vulnerability could elevate privileges on a targeted system. An attacker could then install programs, could view, change, or delete data, or could create new accounts with full administrative rights. An attacker must first log on to the system to exploit this vulnerability. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-072.

More Information

Important All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see
Get security updates automatically.

Note For Windows RT and Windows RT 8.1, this update is available through Windows Update only.

More Information