You are currently offline, waiting for your internet to reconnect

MS15-008: Vulnerability in Windows kernel mode driver could allow elevation of privilege: January 13, 2015

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Summary
This security update resolves one privately reported vulnerability in Windows. This vulnerability could allow elevation of privileges if an attacker runs a specially crafted application on an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Introduction
Microsoft has released security bulletin MS15-008. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:Support for Microsoft Update

Security solutions for IT professionals:TechNet Security support and troubleshooting

Help protect your Windows-based computer from viruses and malware:Virus Solution and Security Center

Local support according to your country:International support
More information
Systems that are running Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 are affected only if the Desktop Experience feature is installed. These systems will not be offered the update if the Desktop Experience feature is not installed.

Security update deployment information

Windows Server 2003 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Server 2003:
WindowsServer2003-KB3019215-x86-ENU.exe
For all supported x64-based editions of Windows Server 2003:
WindowsServer2003-KB3019215-x64-ENU.exe
For all supported Itanium-based editions of Windows Server 2003:
WindowsServer2003-KB3019215-ia64-ENU.exe
Installation switchesSee Microsoft Knowledge Base Article 934307
Update Log FileKB3019215.log
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationUse Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB3019215$\Spuninst folder
File informationSee the file information section.
Registry key verificationHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3019215\Filelist

Windows Vista (all editions)

Reference table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Vista:
Windows6.0-KB3019215-x86.msu
For all supported x64-based editions of Windows Vista:
Windows6.0-KB3019215-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Server 2008:
Windows6.0-KB3019215-x86.msu
For all supported x64-based editions of Windows Server 2008:
Windows6.0-KB3019215-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 7:
Windows6.1-KB3019215-x86.msu
For all supported x64-based editions of Windows 7:
Windows6.1-KB3019215-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file nameFor all supported x64-based editions of Windows Server 2008 R2:
Windows6.1-KB3019215-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 8:
Windows8-RT-KB3019215-x86.msu
For all supported x64-based editions of Windows 8:
Windows8-RT-KB3019215-x64.msu
For all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3019215-x86.msu
For all supported x64-based editions of Windows 8.1:
Windows8.1-KB3019215-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference table

The following table contains the security update information for this software.
Security update file nameFor all supported editions of Windows Server 2012:
Windows8-RT-KB3019215-x64.msu
For all supported editions of Windows Server 2012 R2:
Windows8.1-KB3019215-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference table

The following table contains the security update information for this software.
DeploymentThese updates are available via Windows Update only.
Restart RequirementYes, you must restart your system after you apply this security update.
Removal InformationClick Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File InformationSee the file information section.
File information
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information

  • The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
  • In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Mrxdav.sys5.2.3790.5508188,92819-Dec-201400:49x86SP2SP2QFE

For all supported x86-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Mrxdav.sys5.2.3790.5508273,92030-Dec-201403:48x64SP2SP2QFE

For all supported IA-64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Mrxdav.sys5.2.3790.5508553,47230-Dec-201403:48IA-64SP2SP2QFE

Windows Vista and Windows Server 2008 file information

  • The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.0.6002.19xxxWindows Vista SP2 and Windows Server 2008 SP2SP2GDR
    6.0.6002.23xxxWindows Vista SP2 and Windows Server 2008 SP2SP2LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Mrxdav.sys6.0.6002.19273115,20019-Dec-201400:25x86
Mrxdav.sys6.0.6002.23581115,20019-Dec-201400:13x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Mrxdav.sys6.0.6002.19273139,77619-Dec-201400:26x64
Mrxdav.sys6.0.6002.23581139,77619-Dec-201400:36x64
Mrxdav.sys6.0.6002.19273115,20019-Dec-201400:25x86
Mrxdav.sys6.0.6002.23581115,20019-Dec-201400:13x86

Windows 7 and Windows Server 2008 R2 file information

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7 and Windows Server 2008 R2SP1GDR
    6.1.7601.22xxxWindows 7 and Windows Server 2008 R2SP1LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File nameFile versionFile sizeDateTimePlatform
Davclnt.dll6.1.7601.2291387,55219-Dec-201403:03x86
Mrxdav.sys6.1.7601.18706116,22419-Dec-201401:34x86
Mrxdav.sys6.1.7601.22913116,73619-Dec-201401:40x86
Webclnt.dll6.1.7601.22913210,43219-Dec-201403:03x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Davclnt.dll6.1.7601.22913109,05619-Dec-201403:30x64
Mrxdav.sys6.1.7601.18706141,31219-Dec-201401:46x64
Mrxdav.sys6.1.7601.22913142,33619-Dec-201401:53x64
Webclnt.dll6.1.7601.22913265,21619-Dec-201403:30x64
Mrxdav.sys6.1.7601.18706116,22419-Dec-201401:34x86
Mrxdav.sys6.1.7601.22913116,73619-Dec-201401:40x86
Davclnt.dll6.1.7601.2291387,55219-Dec-201403:03x86
Webclnt.dll6.1.7601.22913210,43219-Dec-201403:03x86

Windows 8 and Windows Server 2012 file information

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.2.920 0.17 xxxWindows 8 and Windows Server 2012RTMGDR
    6.2.920 0.21 xxxWindows 8 and Windows Server 2012RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File nameFile versionFile sizeDateTimePlatform
Mrxdav.sys6.2.9200.17219122,88019-Dec-201404:04x86
Mrxdav.sys6.2.9200.21317122,88008-Dec-201403:34x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File nameFile versionFile sizeDateTimePlatform
Mrxdav.sys6.2.9200.17219142,33619-Dec-201404:35x64
Mrxdav.sys6.2.9200.21317142,33608-Dec-201404:37x64

Windows 8.1 and Windows Server 2012 R2 file information

For all supported x86-based versions of Windows 8.1

File nameFile versionFile sizeDateTimePlatform
Mrxdav.sys6.3.9600.17560124,92819-Dec-201405:46x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File nameFile versionFile sizeDateTimePlatform
Mrxdav.sys6.3.9600.17560140,80019-Dec-201406:26x64

File hash information

File nameSHA1 hashSHA256 hash
Windows6.0-KB3019215-x86.msu1C6F42295332557A705A1E52428595E785F6AE66FD3501488DE22F1A1557C685EC229AF1012CB2E2B6CBB786249D43DF0C983F42
Windows6.1-KB3019215-x86.msu33A2D54F2306208AAE5E43605B63D6DB7E8AE47F91F071870836F079D907CE7B37C67AA33E42726FA41C13D5DB656A4C1D7C1A4D
Windows8.1-KB3019215-x86.msu353F5EC99AD7FEDC7281943E4B971FF2F9A6E8E91DB98FE77B30E811884194B80DED6022D44871870447BB3192EB422840EED169
Windows8-RT-KB3019215-x86.msuB6A4D3AC522C3AEED56311482D143E4E5E09C08C03E3A17D00472E88B1B70335596E8C1A273E8DF97F3308879ACE4CBCDCF5E988
WindowsServer2003-KB3019215-ia64-DEU.exeF98F89A0A9D4126252773E721789BC4B62694A84863CF10525F2442A52B0D2C7782264A9DBC507371D8E456D110A08F17D4F37E4
WindowsServer2003-KB3019215-ia64-ENU.exeB0DD59E7B38A757323D3A598BD11E20BFDA1F092CF92B3EC9C7FD512FD1E0670C21A1406040D44BEA61C633C7601AD0812E777EE
WindowsServer2003-KB3019215-ia64-FRA.exe8E54864615D9DECC726FA49BED79B619AF5E0B1BCD1F88199439C5360529FA6A1E32FFCF1E848AB0DFFAC29AD87915E70998A2C8
WindowsServer2003-KB3019215-ia64-JPN.exeDDD6EB3B2DBE7F9508167FE979175D5EDEBA6D0CC65E19EC4260FFE12DCBC9648B53497D6634EA078A4122B417CA28D962BA36B4
WindowsServer2003-KB3019215-x86-CHS.exe6CC0148AB9A01B55DC49C12036F596000CE277FEDAA78D69EF3378AF7B767BCD34DD486645457A8E22EEF3F8D4CD19E7D382042B
WindowsServer2003-KB3019215-x86-CHT.exe0A19C9E14819D9766ECA4720AFAEA2EF51F29F75762B57846FAE33AF1CA8BE7984D8B6166996FDFAA05B3BE40E46324ECE94CC21
WindowsServer2003-KB3019215-x86-CSY.exeD7DAFEAF2F7CCFA28B8B62ADB142EAD13753AC9CF98CC902532807BACE7D9C9969F36F766DB63D402AE5C1438726EC73A5009EEB
WindowsServer2003-KB3019215-x86-DEU.exeB489E432A54363F66B497B2489FC617B2B67A26685C18B91D32B31385A9B68127117A66D16A926E73DD2FD6AF94932AE449C46A3
WindowsServer2003-KB3019215-x86-ENU.exe1CD0C43D53EEB8B46F216263119F50B22E5CC7D3ED1ABAB2404BF8B5D67E62A85098E4C5DE6AC34979EF7E7E476AA8ED8E979604
WindowsServer2003-KB3019215-x86-ESN.exe373395CDC73BBC3C5FEF96E0628C56B0D8087969C0F22984622089BD36ACA2BB91CE02D9F95B58D34CEC7942E0E1434943CB492C
WindowsServer2003-KB3019215-x86-FRA.exe229AB21BBDF968D45F734A1A4E6E48431F0DA9F5AC2DFF63F9769BE101A850ED37A1A8AA1FDAC7BB5480EB7F7E9DF12EFB000A7C
WindowsServer2003-KB3019215-x86-HUN.exe8DA9BF9B25036CE8F6BD5F4A1EA6140D6903AB9FE3DF8A90B62126AE0A1D6D1EC97CF269414329C143126C19F983F6BE46A4D041
WindowsServer2003-KB3019215-x86-ITA.exe49C755BE8FCB23558DE8071D6C58842D7301544F145FF5884C73FE6EDC05D0AA5AA2877092517115C1D6273220B8FC03F43AC2F9
WindowsServer2003-KB3019215-x86-JPN.exe0766863EFDD96BF552027AA33F210720DFD1E50210E2593E65F608B0CDD36185459D8DC81098DCC25F5878DEAF98195E3B03EA91
WindowsServer2003-KB3019215-x86-KOR.exe345CE1D905E9331EEB2DC4E20E77E5D9EE190FD8F7A79E903BD356698C363F8BE0018318ED2AA1887593918C25471092A9FC826E
WindowsServer2003-KB3019215-x86-NLD.exeBDF21D4812CE8C2E5405480E5DE289D914979E9BF27BC655A8A3B9E3ABCEA3999BFE4A696A0E0B7B38261D786777F7E7EA155197
WindowsServer2003-KB3019215-x86-PLK.exe542231FC2F361FC87B52548CB396C0AB240D64B4E38BC0C29B93496944BEC60BC8A9D22AE80C174F53DB56F42760D1F5D0B5D165
WindowsServer2003-KB3019215-x86-PTB.exe48801A36736F3591B16D8A60CC2E17A0EF852346DB418E19075BF2486C001F89A282A9871A9F273C6C8822B9757B3503EC7F26EF
WindowsServer2003-KB3019215-x86-PTG.exe61761BC4097C980C7D486B8A466382C7FC4A28A6CB8E02D8DF526227478C5E9BE4F5E40A0308FAB67BACA18A24FEA92AE3B41CAC
WindowsServer2003-KB3019215-x86-RUS.exeA504945F7EAE2679E0200430D29D5ACCD89581A6AF1AE10087C21CCB0B0B4844C37D96C0309EE422CA103AB9AAC25265AADCAB9B
WindowsServer2003-KB3019215-x86-SVE.exe8D5C8B95496AFA35866326741A55308AC6A528AF859905201E9FC08C0781D2F5CDB1044D342DE15F0A385B90EEF8BE444FA558B9
WindowsServer2003-KB3019215-x86-TRK.exe45C1AD15E15EC6DCD8B5D0B6EAAA6BB67908A02F21AD8E3AEDEEE70D6A3FD5246F06394E15F0154ABA0CE1F962460AEA2923FABF
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 3019215 - Last Review: 01/13/2015 18:23:00 - Revision: 1.0

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows 8 Enterprise, Windows 8 Pro, Windows 8, Windows RT, Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2, Microsoft Windows Server 2003 Service Pack 2

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3019215
Feedback