MS14-045: Description of the security update for kernel-mode drivers: August 12, 2014

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

INTRODUCTION
Microsoft has released security bulletin MS14-045. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:Support for Microsoft Update

Security solutions for IT professionals:TechNet Security Troubleshooting and Support

Help protect your Windows-based computer Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country:International Support

More information

Known issues with this security update

  • Known issue 1
    After you install this security update, fonts that are installed in a location other than the default fonts directory (%windir%\fonts\) cannot be changed when they are loaded into any active session. Attempts to change, replace, or delete these fonts will be blocked, and a "File in use" message will be presented.

    For more information, go to the following Microsoft webpages:
  • Known issue 2
    Microsoft is investigating behavior in which fonts do not render correctly after any of the following updates are installed:
    2982791 MS14-045: Description of the security update for kernel-mode drivers: August 12, 2014
    2970228 Update to support the new currency symbol for the Russian ruble in Windows
    2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
    2975331 August 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012
    Status
    KB 2993651 replaces this security update and resolves this known issue.

    Mitigations
    Open the Programs and Features item in Control Panel, and then click View installed updates. Find and then uninstall any of the following updates that are currently installed:
    • KB2982791
    • KB2970228
    • KB2975719
    • KB2975331
  • Known issue 3
    Microsoft is investigating behavior in which systems may crash with a 0x50 Stop error message (bugcheck) after any of the following updates are installed:
    2982791 MS14-045: Description of the security update for kernel-mode drivers: August 12, 2014
    2970228 Update to support the new currency symbol for the Russian ruble in Windows
    2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
    2975331 August 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012
    This condition may be persistent and may prevent the system from starting correctly.

    Status
    KB 2993651 replaces this security update and resolves this known issue.

    Mitigations
    1. Restart the computer in safe mode:
      • Windows 7
      • Windows 8 and Windows 8.1:
        1. If you have installation media for Windows 8.1 (such as a DVD or USB), start your computer by using the installation media. Insert the DVD or USB flash drive, and restart the computer. If you see a message that asks you to "Press any key to boot from DVD," do this. If you do not receive the message, you may have to change the restart order in your computer's BIOS settings so that the computer first starts to the DVD or USB. When you reach the Install Windows page, you should click Repair your computer to start the Windows Recovery Environment.
        2. If you do not have media, you should use the power button to restart your computer during the startup process three times. This should start the Windows Recovery Environment.
        3. As soon as your computer starts in the Windows Recovery Environment, tap or click Troubleshoot on the Choose an option screen. If you do not see the Startup Settings option, tap or click Advanced options.
        4. Tap or click Startup Settings., and then tap or click Restart.
        5. On the Startup Settings screen, select the startup setting that you want. (Press 4 for safe mode.)
        6. Sign in to your computer by using a user account that has administrator rights.
    2. Delete the fntcache.dat file. To do this, type the following command at command prompt, and then press Enter:
      del %windir%\system32\fntcache.dat
    3. After you delete fntcache.dat, restart the computer. The computer should now start successfully.
    4. Click Start, click Run, type regedit in the Open box, and then click OK.
    5. Locate and then click the following subkey in the registry:
      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Fonts\
    6. Right-click the Fonts registry subkey, and then click Export.
    7. Type a name for the exported reg file, and select a location to store the file. You will use this file later to restore the font registration that you will remove in the following steps.
    8. After you save the reg file, find any registry values under the Fonts registry subkey for which the data field meets the following criteria:
      • Contains a full file path (not just a file name)
      • The full file path ends in an ".otf" extension. (This indicates an OpenType font file.) OpenType font file
    9. Delete the fntcache.dat file again. (It will have been re-created.) To do this, type the following command at command prompt, and then press Enter:
      del %windir%\system32\fntcache.dat
    10. Open the Programs and Features item in Control Panel, and then click View installed updates. Find and then uninstall any of the following update that are currently installed:
      • KB2982791
      • KB2970228
      • KB2975719
      • KB2975331
    11. Restart the computer.
    12. Find the reg file that you saved earlier, right-click the file, and then click Merge to restore the font registry values that you previously removed.

      Note It’s safe to re-add these registry values now that the offending updates have been removed.
  • Known issue 4After you install this update, the z-order of the windows is changed. (The z-order calls the SetWindowPos function together with the HWND_TOP parameter.) Therefore, certain applications’ windows may become invisible or may be displayed behind other windows incorrectly.

    Resolution
    To resolve this issue, install update 2998984. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    2998984 You cannot dock MicroStation toolbars after you install update 2973201 in Windows
    Notes
    This issue also occurs after you install the following updates:
    2965768 Stop error 0x3B when an application changes the z-order of a window in Windows 7 SP1 and Windows Server 2008 R2 SP1
    2970228 Update to support the new currency symbol for the Russian ruble in Windows
    2973201 MS14-039: Description of the security update for Windows on-screen keyboard: July 8, 2014
    2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
FILE INFORMATION
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information

  • The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
  • In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Spuninst.exe6.3.4.1221,48819-Jan-201404:57x86NoneNot Applicable
Gdi32.dll5.2.3790.5398285,69616-Jul-201420:29x86SP2SP2QFE
Win32k.sys5.2.3790.53981,881,60016-Jul-201420:15x86SPSP2QFE

For all supported x86-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Spuninst.exe6.3.4.1293,16816-Jul-201420:37x64NoneNot Applicable
Gdi32.dll5.2.3790.5398623,61616-Jul-201420:35x64SP2SP2QFE
Win32k.sys5.2.3790.53984,649,98416-Jul-201420:35x64SPSP2QFE
Wgdi32.dll5.2.3790.5398293,88816-Jul-201420:35x86SP2SP2QFE\WOW

For all supported IA-64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Spuninst.exe6.3.4.1501,55216-Jul-201420:37IA-64NoneNot Applicable
Gdi32.dll5.2.3790.5398919,55216-Jul-201420:34IA-64SP2SP2QFE
Win32k.sys5.2.3790.53985,656,06416-Jul-201420:34IA-64SPSP2QFE
Wgdi32.dll5.2.3790.5398293,88816-Jul-201420:34x86SP2SP2QFE\WOW

Windows Vista and Windows Server 2008 file information

  • The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.0.6002.18xxxWindows Vista SP2 and Windows Server 2008 SP2SP2GDR
    6.0.6002.23xxxWindows Vista SP2 and Windows Server 2008 SP2SP2LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.0.6002.19150297,98425-Jul-201404:26x86
Gdi32.dll6.0.6002.23454297,98425-Jul-201404:04x86
Win32k.sys6.0.6002.191502,054,65625-Jul-201402:53x86
Win32k.sys6.0.6002.234542,062,33625-Jul-201402:51x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.0.6002.19150390,14425-Jul-201404:18x64
Gdi32.dll6.0.6002.23454389,63225-Jul-201404:36x64
Win32k.sys6.0.6002.191502,781,69625-Jul-201403:15x64
Win32k.sys6.0.6002.234542,784,76825-Jul-201403:47x64
Gdi32.dll6.0.6002.19150304,12825-Jul-201404:27x86
Gdi32.dll6.0.6002.23454304,12825-Jul-201404:05x86

For all supported IA-64-based versions of Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.0.6002.19150952,32025-Jul-201403:59IA-64
Gdi32.dll6.0.6002.23454951,80825-Jul-201404:11IA-64
Win32k.sys6.0.6002.191506,657,02425-Jul-201403:06IA-64
Win32k.sys6.0.6002.234546,666,75225-Jul-201403:18IA-64
Gdi32.dll6.0.6002.19150304,12825-Jul-201404:27x86
Gdi32.dll6.0.6002.23454304,12825-Jul-201404:05x86

Windows 7 and Windows Server 2008 R2 file information

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7 and Windows Server 2008 R2SP1GDR
    6.1.7601.22xxxWindows 7 and Windows Server 2008 R2SP1LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.1.7601.18539305,15216-Jul-201402:47x86
Gdi32.dll6.1.7601.22750305,15216-Jul-201402:56x86
Win32k.sys6.1.7601.185392,352,64016-Jul-201401:47x86
Win32k.sys6.1.7601.227502,360,83216-Jul-201401:52x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.1.7601.18539404,48016-Jul-201403:25x64
Gdi32.dll6.1.7601.22750404,48016-Jul-201403:23x64
Win32k.sys6.1.7601.185393,163,64816-Jul-201402:12x64
Win32k.sys6.1.7601.227503,166,72016-Jul-201402:17x64
Gdi32.dll6.1.7601.18539311,80816-Jul-201402:46x86
Gdi32.dll6.1.7601.22750311,29616-Jul-201402:55x86

For all supported IA-64-based versions of Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.1.7601.18539971,26416-Jul-201402:28IA-64
Gdi32.dll6.1.7601.22750970,75216-Jul-201402:34IA-64
Win32k.sys6.1.7601.185397,427,58416-Jul-201401:46IA-64
Win32k.sys6.1.7601.227507,431,68016-Jul-201401:50IA-64
Gdi32.dll6.1.7601.18539311,80816-Jul-201402:46x86
Gdi32.dll6.1.7601.22750311,29616-Jul-201402:55x86

Windows 8 and Windows Server 2012 file information

  • The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.2.920 0.16 xxxWindows 8 and Windows Server 2012RTMGDR
    6.2.920 0.20 xxxWindows 8 and Windows Server 2012RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.2.9200.170531,075,71215-Jul-201423:05x86
Gdi32.dll6.2.9200.211721,074,17615-Jul-201423:08x86
Win32k.ptxmlNot Applicable4,17211-Oct-201200:38Not Applicable
Win32k.sys6.2.9200.170593,382,78415-Jul-201422:55x86
Win32k.ptxmlNot Applicable4,17225-Jul-201220:33Not Applicable
Win32k.sys6.2.9200.211783,370,49615-Jul-201422:57x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.2.9200.170531,300,99215-Jul-201423:03x64
Gdi32.dll6.2.9200.211721,295,36015-Jul-201423:04x64
Win32k.ptxmlNot Applicable4,17211-Oct-201200:37Not Applicable
Win32k.sys6.2.9200.170594,035,07215-Jul-201422:55x64
Win32k.ptxmlNot Applicable4,17225-Jul-201220:29Not Applicable
Win32k.sys6.2.9200.211784,034,56015-Jul-201422:55x64
Gdi32.dll6.2.9200.170531,023,48812-Jul-201402:36x86
Gdi32.dll6.2.9200.211721,023,48812-Jul-201402:40x86
Wow64_win32k.ptxmlNot Applicable4,17212-Feb-201300:14Not Applicable
Wow64_win32k.ptxmlNot Applicable4,17212-Feb-201300:09Not Applicable

Windows 8.1 and Windows Server 2012 R2 file information

For all supported x86-based versions of Windows 8.1

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.3.9600.172461,090,28006-Aug-201423:36x86
Win32k.ptxmlNot Applicable4,21321-Aug-201323:39Not Applicable
Win32k.sys6.3.9600.172503,441,15206-Aug-201422:42x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.3.9600.172461,336,62407-Aug-201402:12x64
Win32k.ptxmlNot Applicable4,21322-Aug-201306:44Not Applicable
Win32k.sys6.3.9600.172504,148,22406-Aug-201422:39x64
Gdi32.dll6.3.9600.172461,064,44802-Aug-201403:56x86
Wow64_win32k.ptxmlNot Applicable4,21321-Aug-201323:39Not Applicable
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2982791 - Last Review: 09/25/2014 00:42:00 - Revision: 7.0

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows 8 Enterprise, Windows 8 Pro, Windows 8, Windows RT, Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2, Microsoft Windows Server 2003 Service Pack 2

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability kbsurveynew KB2982791
Feedback