Microsoft security advisory: Vulnerability in Microsoft Malicious Software Removal Tool could allow elevation of privilege: July 14, 2015

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Summary
Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To learn more about the vulnerability, see https://technet.microsoft.com/security/advisory/3074162
More information
Important
  • All future security and non-security updates for Windows 8.1 and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows 8.1-based or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
For more information about the Malicious Software Removal Tool (MSRT), click the following article number to view the article in the Microsoft Knowledge Base:
890830 The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running supported versions of Windows
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, seeGet security updates automatically.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update. Click the following link to download the file for all Windows versions:



More information

File hash information

File nameSHA1 hashSHA256 hash
Windows-KB890830-V5.26.exe2731AD858C623A9772244B0838ED7F3F212A6B9D05B6F1BF69760E73AC5FB760D217B8F484F20C9209667AD2CC01D0850528042F
Windows-KB890830-x64-V5.26.exe580E9F53164AE0852F5414DADFB22A6C2B03C9119C12D0F141C8142AA3EF5E6D06AE4D608B4F1354A533C36559D0F72D354A7C7D

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For all supported x64-based systems

File nameFile versionFile sizeDateTimePlatform
Mrt.exe5.26.11603.0130,666,66402-Jul-201504:00x64
Mrtstub.exe5.26.11603.093,92002-Jul-201503:46x64

For all supported x86-based systems

File nameFile versionFile sizeDateTimePlatform
Mrt.exe5.26.11603.0127,403,69602-Jul-201503:51x86
Mrtstub.exe5.26.11603.089,81602-Jul-201503:49x86

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 3074162 - Last Review: 08/02/2015 17:34:00 - Revision: 2.0

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows 8 Enterprise, Windows 8 Pro, Windows 8, Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2, Microsoft Windows Server 2003 Service Pack 2

  • kbexpertiseinter kbinfo kbsecadvisory kbsecurity kbsecvulnerability KB3074162
Feedback