You are currently offline, waiting for your internet to reconnect

MS15-028: Vulnerability in Windows Task Scheduler could allow security feature bypass: March 10, 2015

Summary
This security update resolves a privately reported vulnerability in Windows. This vulnerability could allow users who have limited rights on an affected system to use Task Scheduler to execute files that they do not have permissions to run. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-028.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Note For Windows RT and Windows RT 8.1, this update is available through Windows Update only.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in the following table that corresponds to the version of Windows you are running.
More information

Security update deployment information

File name

Windows versionFile name
Windows 7For 32-bit, Windows6.1-KB3030377-x86.msu
For 64-bit, Windows6.1-KB3030377-x64.msu
Windows Server 2008 R2For 64-bit, Windows6.1-KB3030377-x64.msu
For Itanium-based, Windows6.1-KB3030377-ia64.msu
Windows 8For 32-bit, Windows8-RT-KB3030377-x86.msu
For 64-bit, Windows8-RT-KB3030377-x64.msu
Windows Server 2012For 64-bit, Windows8-RT-KB3030377-x64.msu
Windows 8.1For 32-bit, Windows8.1-KB3030377-x86.msu
For 64-bit, Windows8.1-KB3030377-x64.msu
Windows Server 2012 R2For 64-bit, Windows8.1-KB3030377-x64.msu
Note For Windows RT and Windows RT 8.1, this update is available from Windows Update only.

Installation Switches

See Microsoft Knowledge Base Article 934307.

Restart requirements

You must restart your system after you apply this security update.

Removal information

Windows versionHow to remove the update
Windows 7 and Windows Server 2008 R2To uninstall an update that was installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates.
Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2To uninstall an update that was installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
Windows RT and Windows RT 8.1Click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.

Registry key verification

A registry key does not exist to validate the presence of this update.

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows 7 and Windows Server 2008 R2 file information

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7 and Windows Server 2008 R2SP1GDR
    6.1.7601.22xxxWindows 7 and Windows Server 2008 R2SP1LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File nameFile versionFile sizeDateTimePlatform
Ubpm.dll6.1.7601.18741171,52003-Feb-201503:12x86
Ubpm.dll6.1.7601.22948171,52003-Feb-201503:32x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Ubpm.dll6.1.7601.18741215,55203-Feb-201503:31x64
Ubpm.dll6.1.7601.22948215,04003-Feb-201503:51x64
Ubpm.dll6.1.7601.18741171,52003-Feb-201503:12x86
Ubpm.dll6.1.7601.22948171,52003-Feb-201503:32x86

For all supported IA-64-based versions of Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Ubpm.dll6.1.7601.18741488,96003-Feb-201502:52IA-64
Ubpm.dll6.1.7601.22948488,96003-Feb-201502:43IA-64
Ubpm.dll6.1.7601.18741171,52003-Feb-201503:12x86
Ubpm.dll6.1.7601.22948171,52003-Feb-201503:32x86

Windows 8 and Windows Server 2012 file information

  • The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.2.920 0.16 xxxWindows 8 and Windows Server 2012RTMGDR
    6.2.920 0.20 xxxWindows 8 and Windows Server 2012RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File nameFile versionFile sizeDateTimePlatform
Ubpm.dll6.2.9200.17247243,71224-Jan-201505:00x86
Ubpm.dll6.2.9200.21364248,32024-Jan-201504:46x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File nameFile versionFile sizeDateTimePlatform
Ubpm.dll6.2.9200.17247325,63224-Jan-201506:42x64
Ubpm.dll6.2.9200.21364317,95224-Jan-201505:40x64
Ubpm.dll6.2.9200.17247243,71224-Jan-201505:00x86
Ubpm.dll6.2.9200.21364248,32024-Jan-201504:46x86

Windows 8.1 and Windows Server 2012 R2 file information

For all supported x86-based versions of Windows 8.1

File nameFile versionFile sizeDateTimePlatform
Ubpm.dll6.3.9600.17671162,30430-Jan-201523:20x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File nameFile versionFile sizeDateTimePlatform
Ubpm.dll6.3.9600.17671203,26430-Jan-201523:20x64

File hash information

File nameSHA1 hashSHA256 hash
Windows6.1-KB3030377-ia64.msu022DE7B41A2641039A4FCB52F629324E21024690BDBFFA9F7FE09136DB35C3D0E64BA0825CA7063863038CE3FEAE8C0F22B09034
Windows6.1-KB3030377-ia64.msu21E525F421C9B21DF65426F0D666AC2BE59F02AF7612DFE7199601998C9BFC734F2361EA0B5D66AB62D287A9CB805C92EDB15C96
Windows6.1-KB3030377-x64.msu84403E576DE8606703954E00ABCC573F24663DEF05CCDB1223B74C5E559A102681E0BD33677302367D7A119C9A63B8A8E70FED64
Windows6.1-KB3030377-x64.msuDC9AA7CF326131F9C4BF25FA2790E68F0DF299AD86881AEEA78B33B8E1635998868C4E1FC48E1AF08D3707F01C347F56C5492FC1
Windows6.1-KB3030377-x86.msu84BA5F6F713FFE1004F8D2D75677AD98331C3890A810150967AE32C9807AFF76EB3C49B3E55772D7F6E8C6ECE89FB7CD25AA3982
Windows6.1-KB3030377-x86.msu8E7AEADBA26FD06F5C2C98D8481D96278333094FD8A37A580E66D05422D1C8F1E2D4874FD96358BC856AA5CACA92030795BC2650
Windows8.1-KB3030377-x64.msu4DCBE286AC34E19BE1715B698C5613CF16E51433B6FC9F8729F806D7DF1A5EC43609AAAC1CFDEFCE8FEE5ED3B289636F6499428E
Windows8.1-KB3030377-x64.msuE605A90272CEE1A34F52B4B680DEC048D66DB5A5BE9859F26076C86CB91F60738AF84B2CEAB82EA41CCEC36A48FA7D44CC3B0100
Windows8.1-KB3030377-x86.msuEA03F7A1DD9F1DD350575D5EFA5D77AF6C4251E0A35739340C1FB274A69BCE2EA5951027DC5E0A6FC79582EAF0862A2465F38749
Windows8.1-KB3030377-x86.msuF4473F2C6085236CA84C98AA6B49F45FB90F4E2593501A2579A251C43310F5E1EFA075D342839DC74EDEDC0131A44BFA03570395
Windows8-RT-KB3030377-x64.msu59F7E0DB4C95DB595F9E7FDDA478C3C2C84CED652F9888E4CF05EFB44B79FC95E4E3041CE1A24C81DF63946F1387664D175D44DC
Windows8-RT-KB3030377-x86.msu2DFD090FCA3F543A0B4FC1A8673EDDC1C75885A18858036530935A66104F2E7DF18CA7CA264119A47193141DA2970666BC1EB20B

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 3030377 - Last Review: 03/31/2015 20:25:00 - Revision: 3.0

, , , , , , , , , , , , , , , , ,

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3030377
Feedback