You are currently offline, waiting for your internet to reconnect

MS15-035: Vulnerability in Microsoft graphics component could allow remote code execution: April 14, 2015

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Summary
This security update resolves a vulnerability in Windows that could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website, open a specially crafted file, or browse to a working directory that contains a specially crafted Enhanced Metafile (EMF) image file. However, in every case an attacker would have no way to force users to take such actions. An attacker would have to convince users to do this. Typically, the attacker would do this by using enticements in email or instant messaging (IM) messages.

To learn more about this vulnerability, see Microsoft Security Bulletin MS15-035.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, the update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. To install the update, follow the installation instructions on the download page.

In the following table, click the download link that corresponds to the version of Windows that you are running.
More information

Security update deployment information

File information

Windows versionFile name
Windows Server 2003For 32-bit, WindowsServer2003-KB3046306-x86-ENU.exe
For 64-bit, WindowsServer2003-KB3046306-x64-ENU.exe
For Itanium-based, WindowsServer2003-KB3046306-ia64-ENU.exe
Windows VistaFor 32-bit, Windows6.0-KB3046306-x86.msu
For 64-bit, Windows6.0-KB3046306-x64.msu
Windows Server 2008For 32-bit, Windows6.0-KB3046306-x86.msu
For 64-bit, Windows6.0-KB3046306-x64.msu
For Itanium-based, Windows6.0-KB3046306-ia64.msu
Windows 7For 32-bit, Windows6.1-KB3046306-x86.msu
For 64-bit, Windows6.1-KB3046306-x64.msu
Windows Server 2008 R2For 64-bit, Windows6.1-KB3046306-x64.msu
For Itanium-based, Windows6.1-KB3046306-ia64.msu

Installation switches

For Windows Server 2003, see Microsoft Knowledge Base Article 262841.
For all other supported versions of Windows, see Microsoft Knowledge Base Article 934307.

Update log files

Windows versionLog file
Windows Server 2003KB3046306.log

Restart requirements

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart.

Removal information

Windows versionHow to remove the update
Windows Server 2003Use the Add or Remove Programs item in Control Panel or the Spuninst.exe utility that is located in the %Windir%\$NTUninstallKB3046306$\Spuninst folder.
Windows Vista and Windows Server 2008 WUSA.exe does not support the removal of updates. To uninstall an update that was installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and then select from the list of updates.
Windows 7 and Windows Server 2008 R2To uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, and under Windows Update, click View installed updates, and then select from the list of updates.

Registry key verification

Windows versionRegistry key
Windows Server 2003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP3\KB3046306\Filelist
For other supported versions of Windows, a registry key does not exist to validate the presence of this update.

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2003 file information

  • The files that apply to a specific milestone (SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.
  • In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Gdi32.dll5.2.3790.5563623,61605-Mar-201519:59x64SP2SP2QFE
Wgdi32.dll5.2.3790.5563293,88805-Mar-201519:59x86SP2SP2QFE\WOW

For all supported x86-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll5.2.3790.5563285,69605-Mar-201520:53x86

For all supported IA-64-based versions of Windows Server 2003

File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Gdi32.dll5.2.3790.5563919,55205-Mar-201519:58IA-64SP2SP2QFE
Wgdi32.dll5.2.3790.5563293,88805-Mar-201519:58x86SP2SP2QFE\WOW

Windows Vista and Windows Server 2008 file information

  • The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.0.6002.18xxxWindows Vista SP2 and Windows Server 2008 SP2SP2GDR
    6.0.6002.23xxxWindows Vista SP2 and Windows Server 2008 SP2SP2LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.0.6002.19331297,98405-Mar-201502:24x86
Gdi32.dll6.0.6002.23639297,98405-Mar-201501:41x86

For all supported x64-based versions of Windows Vista and Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.0.6002.19331390,14405-Mar-201501:58x64
Gdi32.dll6.0.6002.23639389,63205-Mar-201501:35x64
Gdi32.dll6.0.6002.19331304,12805-Mar-201502:25x86
Gdi32.dll6.0.6002.23639304,12805-Mar-201501:42x86

For all supported IA-64-based versions of Windows Server 2008

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.0.6002.19331952,32005-Mar-201501:34IA-64
Gdi32.dll6.0.6002.23639951,80805-Mar-201501:12IA-64
Gdi32.dll6.0.6002.19331304,12805-Mar-201502:25x86
Gdi32.dll6.0.6002.23639304,12805-Mar-201501:42x86

Windows 7 and Windows Server 2008 R2 file information

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7 and Windows Server 2008 R2SP1GDR
    6.1.7601.22xxxWindows 7 and Windows Server 2008 R2SP1LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.1.7601.18778305,15205-Mar-201504:06x86
Gdi32.dll6.1.7601.22982305,15205-Mar-201504:10x86

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.1.7601.18778404,48005-Mar-201505:12x64
Gdi32.dll6.1.7601.22982404,48005-Mar-201504:23x64
Gdi32.dll6.1.7601.18778311,80805-Mar-201504:05x86
Gdi32.dll6.1.7601.22982311,80805-Mar-201504:09x86

For all supported IA-64-based versions of Windows Server 2008 R2

File nameFile versionFile sizeDateTimePlatform
Gdi32.dll6.1.7601.18778971,26405-Mar-201503:35IA-64
Gdi32.dll6.1.7601.22982970,75205-Mar-201503:31IA-64
Gdi32.dll6.1.7601.18778311,80805-Mar-201504:05x86
Gdi32.dll6.1.7601.22982311,80805-Mar-201504:09x86

File hash information

Package NamePackage Hash SHA1Package Hash SHA2
Windows6.0-KB3046306-ia64.msuD972B865C75D455CFC64FEA5C462175218D76B23C2152E8FA4E44BA27D5B96ABAACD573DC81A3BA64A8CC8F04AD9974023D445EB
Windows6.0-KB3046306-x64.msu8097C719F5AFD2916C439197720DEA48BAC88B15DF8C1270B32E26810AC8BB4A3797E6CC2A86269C131762D9E4D3CFFD32198E49
Windows6.0-KB3046306-x86.msu929C0886CFFC23441DBD978114EFB87DEEE1D0CD746EC959CCD2B0FF5489BFF1B41AD1185B1F6CFA516004A415CD461D95397142
Windows6.1-KB3046306-ia64.msuA7744E9B99CC8EB0230B8FED0ABC25BBB83BF5460F8B4BC6930DA07763C6AE1CD03962AC1152315A7D265D7A3023310E1A224291
Windows6.1-KB3046306-x64.msuBB6995E77C3F4834848A3E3C593BC0B473C73D1665E358506EACADAAF48212D39ED3C968B234B005C4CE929E1E5284B2CFED5C6B
Windows6.1-KB3046306-x86.msu6295A4018A08FDC867DED6CBA66B0EFD8DFC7BF1F16B8DB9B444B25E2BAD5F0747FA2757C144900B4EA76906FC1C13AE731E758D
WindowsServer2003-KB3046306-ia64-DEU.exe3B08B5E4F75507A82AC0678FA5E043E744A8A3049D8B7E9CC202D009DAAACA6B24FCADD96D4A7574832D451B41F4B31D9A5BD6FF
WindowsServer2003-KB3046306-ia64-ENU.exe587A07C703298E6ABCD020C1055842E0167773DFB46467DF8F8AFA0724B7715E7B041A96A1DC171011B884F47F097E707F79D159
WindowsServer2003-KB3046306-ia64-FRA.exe681231750CD0759930478316E1773E36D5EB6347B524FD68776ABBF8265DC24BE7F2474EE776AD2523B732AE22526269523BAC4D
WindowsServer2003-KB3046306-ia64-JPN.exe6365F2C2A53BFD170C09ACA9438190719016E238FF1F9FCD83BACE742C78154A5978C37A7D5066D8296C52586BBC5CB2D068C38C
WindowsServer2003-KB3046306-x64-CHS.exeD2F9E4BDC90AB9ADDB85BE2266C002B892975D4BEE9430928D129308BDEA1AC534D082EEF2A39462CCCCC369AFF6F91D133BB5B3
WindowsServer2003-KB3046306-x64-CHT.exe91DFC397B39D814F6E34A6AD78577ABC69368B825626BA1DCC93F2630AFC33783A87DC1CF77CEA39B9B1652ED1AEF112495F568F
WindowsServer2003-KB3046306-x64-DEU.exe5A268C96B21A6F8212AC7C6194EBA713630AC7A78958337AB8BE64C66822A8C1DB0E349628AE62748BFF27B0EEB18C7A4B839045
WindowsServer2003-KB3046306-x64-ENU.exeD24D14A688745F691E326D4080840BAB03A190897730D15164E4C8D36C6D788E9D41C704B29C15BFFEA2F63DA0BC50F14F26DB36
WindowsServer2003-KB3046306-x64-ESN.exe703152ABFCEA1C56B9F73EAD9A474A0BFB9D725E82B65C55C311A7097FC1BF53B1424D5694CF7AF43224D6D720B495E1CF2068F1
WindowsServer2003-KB3046306-x64-FRA.exe50CDD6FBB1283EBBDE0CE7B62A8EE2C5080CA2CDDDBF697EE9AB14135FED0BF300A47B9320B2649A06A03F16E02018B1E5197123
WindowsServer2003-KB3046306-x64-ITA.exeD07FF20929665C881E715D997C9146937C26FA43C993E09F0ED3FF3ECF68B53CB3B95EB801FE63893A1CCDE3D99BC1F989EE6C45
WindowsServer2003-KB3046306-x64-JPN.exe002D02780453FAA1FA21176C520C1D18E0043673496612B60E4B195A4F4AC1A37EE7A7DE2AA2453BCDD5C60C5E621919A1395965
WindowsServer2003-KB3046306-x64-KOR.exe2C3BC9C0A4AF4B137C6833024091418F37F7C5718491E002945E7434651C69D0D96857BDB62284713600564D506B4A302A752FC2
WindowsServer2003-KB3046306-x64-PTB.exe27E59C986ED0A117CB5FA409D745962CAAD6654486C15AACDC371ED8B24C1A7B90DD4FCCE6105207C93211B82D9A30FFD991A7EF
WindowsServer2003-KB3046306-x64-RUS.exe72AF66D368A98D36F1574A0D996DE53328527C5FBE05ECB1C26DB502A4CF94EF6598BC14B5DB85374C9DC19B490B01DF8B9F1436
WindowsServer2003-KB3046306-x86-CHS.exe2B3DAD9DD7A70E71DC369CBF3E995A2B6AA3C5C11DD2D8811D24706D1BC3965CDDD38EB52C0DF83C623ABF161EEE2838F32018DD
WindowsServer2003-KB3046306-x86-CHT.exeAE3B90FCF4707B4E32F42C35F1D583CE15C9612149D953931914F46AC2BC0A66731E40AD001CA90E7E78E3D98E9BDB8E5C5FB83C
WindowsServer2003-KB3046306-x86-CSY.exe77B29CBD0E1525440BCECC2B25A48487C28DB8D81194D0B629B6EDFD3CD8D143D0DC989F523EF2727DD405CA8A49B78AE7FAA5D9
WindowsServer2003-KB3046306-x86-DEU.exeE874784239957041636B0EC71FCCC115E124D9E576D925DE756EF3F14BC2695FC6723E66AA34722D5AF50361A283D4315837CA80
WindowsServer2003-KB3046306-x86-ENU.exe9BDE6C9018679BB8B49B8C2532F115E5B3ECBD450E12FE8AD96BF62E26B05865C3A7B2B2628B9DDCE4380A052D2C0CFD23A28F1A
WindowsServer2003-KB3046306-x86-ESN.exe5F3EC4C54AE19F738C7BBA6C4A0F76CF32429CC0F8EA5D7E3C2CE86D7BEAD4B664CD2CE4BD9BBE4D56AD6D2EB1A6DCFEB3BE6B4A
WindowsServer2003-KB3046306-x86-FRA.exe81E8944FF9959F31B7CF39D660FEBA59ADD431D7EFAA14114B540B1F15C7BE20D9B1FA90C3202F8267DE44F2AA3014461C475DFB
WindowsServer2003-KB3046306-x86-HUN.exeBCC9461F9A7ADDE398876D2034F4B4F6ED602A2F5C1D6F6CC24DD70353B5DA10E67B6E997E4EB15C651CD4437E452DB6E5ACD71B
WindowsServer2003-KB3046306-x86-ITA.exe116B3FEAFF5458F19405A5A12C2D9AE37F9F00864601F66F251FEDC11AA0399FF5CCD1E2DEBFDA646182E2A9609D5D97CE9784A4
WindowsServer2003-KB3046306-x86-JPN.exe99A124C4847F0C29D30AA48FEB20601072F7BDF7DFAE5F6968151E182740E19D46C9B72A04E5015A089E9362F70A975B0032E4D5
WindowsServer2003-KB3046306-x86-KOR.exe9F09F53DD56A731D441CC038B251867E2CDFB3F10FD1E2836D7A5F66264E1D502CA1C79ABBF583E2941D333F7D63479E9510B0FC
WindowsServer2003-KB3046306-x86-NLD.exe13CA5ADDE02147D2D8E7D42A5156C0DC890C24CBCC7A76B22C81AE5EBDA8AFC57DE1F7BC50C486A7451127052EF152B81DE17EDD
WindowsServer2003-KB3046306-x86-PLK.exe33204A0FA7950EB7C8F41AF29BE1A8E747B2958BA0F6872173D5809BA24371C18848A6E2C021892D5474398DF1943CF90630245D
WindowsServer2003-KB3046306-x86-PTB.exe01EB0EBAC8D75F14BA9266D0DB703F453C928C37909D57B1315CD77518A3BB3C993CC114EEF60B2684DD192D9B3B8D3AC73F65EE
WindowsServer2003-KB3046306-x86-PTG.exeCF1821668CCE47267E00B78A2B3FC0D1AD6D4A24F0C22A1DE77C57E625E5665C663B6F5686C3791946FCCCE980DD4715606CB662
WindowsServer2003-KB3046306-x86-RUS.exe563EEE8288D385D01E5DC267F09E481D36CB5AF821E4E8EEC0FC3DCDB87A6E7F4E7CCB93709C0609633A1367F7051D007F3CAC92
WindowsServer2003-KB3046306-x86-SVE.exeA6DCE5C38E7820C27FE031654908550D011C9567E81A7584A8EF2AD3F093F59607A45ABCD0394DC5DA8BFFA9B6494400FCF70788
WindowsServer2003-KB3046306-x86-TRK.exe9F991423DDBEEF51721EA62A1FA89C8F9258C18AE38C13D504D1A0F956F322F0AD166EF609F0534A3A3CD600B888B782C7DFFF11

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 3046306 - Last Review: 04/27/2015 16:56:00 - Revision: 2.0

Windows 7 Service Pack 1, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2, Microsoft Windows Server 2003 Service Pack 2

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3046306
Feedback
dy>