MS15-100: Vulnerability in Windows Media Center could allow remote code execution: September 8, 2015

Summary
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploits this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

To learn more about the vulnerability, see Microsoft Security Bulletin MS15-100.
More information
Important
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, seeStay up-to-date for more secure web browsing.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS15-100 that corresponds to the version of Windows that you are running.
More information

Security update deployment information

Windows Vista (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Vista:
Windows6.0-KB3087918-x86.msu

For all supported x64-based editions of Windows Vista:
Windows6.0-KB3087918-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementIn some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.
Removal informationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 7:
Windows6.1-KB3087918-x86.msu

For all supported x64-based editions of Windows 7:
Windows6.1-KB3087918-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementIn some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 8:
Windows8-RT-KB3087918-x86.msu

For all supported x64-based editions of Windows 8:
Windows8-RT-KB3087918-x64.msu

For all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3087918-x86.msu

For all supported x64-based editions of Windows 8.1:
Windows8.1-KB3087918-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementIn some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File informationSee the file information section.
Registry key verificationNote A registry key does not exist to validate the presence of this update.

File hash information

File nameSHA1 hashSHA256 hash
Windows6.1-KB3087918-x86.msu21020BF7ECC617FFF6C248A22E00C6C488A414166BB97317BF126D54D710BF6D5C70E3F7C3E3EEB32F286B07D9085D658C1DF972
Windows6.1-KB3087918-x64.msu695A546FC6E6C211FE59A4EA93FF9CD59049B36178BB9CF0DA542DB1EB50D37BAF3EF340AB8345CBD79BAABCC27117F40689D9A3
Windows8-RT-KB3087918-x86.msu75F93A0B6095866FA5E77732879DE2094B889133DABBC8155AF38E44AD38DDC954911C337C56433241328B3342864802BC7282C5
Windows8-RT-KB3087918-x64.msu9478941DFAF0AB45CDFE96F3A2235ACCC4EDE7671E3D4E4D2F4D97045581C203851076804FE17AF3AB36CFE06E36AE98B5F21928
Windows6.0-KB3087918-x86.msu3421AE5504D9F6D56318B5CDDD34A330C71BDEC4A3518B2FD1275580C489F45D16ABAD6EB5001832E0AC437FD0EA18A13B61B8AC
Windows6.0-KB3087918-x64.msuF711944EE823859F198B3BF73674B795F68880503152DEE90D49758C0A34522C3898431E3C87BEBA7D52D9567130698C291729BF
Windows6.1-KB3087918-v2-x64.msuE840A08DFC45D29A9B63023C00D0F3DF28F2EDEDFBF0F4A93C97D3CE5EC64E106EED9F33D18DD56BF9D91D7CEC95EB3277ECA8B1
Windows6.1-KB3087918-v2-x86.msuAFF938D189153F0A9BAC822FABACFD574288C828700A886EB921DA89D67F4F4C6AE1DCA0C2BC64246D2A7FDAF64AF5CA2F5889FA

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Vista file information

  • The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.0.6002.19xxxWindows Vista SP2SP2GDR
    6.0.6002.23xxxWindows Vista SP2SP2LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.0.6002.194784,059,13614-Aug-201513:44x86
Ehshell.dll6.0.6002.237884,059,13614-Aug-201513:44x86

For all supported x64-based versions of Windows Vista

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.0.6002.194784,059,13614-Aug-201513:48x86
Ehshell.dll6.0.6002.237884,059,13614-Aug-201513:48x86

Windows 7 file information

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7SP1GDR
    6.1.7601.22xxxWindows 7SP1LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.1.7601.189686,307,84013-Aug-201517:50x86
Ehshell.dll6.1.7601.231716,307,84013-Aug-201519:29x86

For all supported x64-based versions of Windows 7

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.1.7601.189686,307,84013-Aug-201517:50x86
Ehshell.dll6.1.7601.231716,307,84013-Aug-201519:29x86

For all supported x86-based versions of Windows 7 Embedded

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.1.7600.168215,705,42430-Sep-201517:15x86
Ehshell.dll6.1.7600.168215,705,42430-Sep-201517:12x86

For all supported x64-based versions of Windows 7 Embedded

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.1.7600.168215,705,42430-Sep-201517:27x86
Ehshell.dll6.1.7600.168215,705,42430-Sep-201517:36x86

Windows 8 file information

  • The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.2.920 0.16 xxxWindows 8RTMGDR
    6.2.920 0.20 xxxWindows 8RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.2.9200.174866,315,52015-Aug-201500:32x86
Ehshell.dll6.2.9200.216016,315,52015-Aug-201506:22x86

For all supported x64-based versions of Windows 8

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.2.9200.174866,315,52015-Aug-201500:32x86
Ehshell.dll6.2.9200.216016,315,52015-Aug-201506:22x86

Windows 8.1 file information

  • The files that apply to a specific product, milestone (RTM,SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.3.920 0.16 xxxWindows 8.1RTMGDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8.1

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.3.9600.180156,315,52017-Aug-201518:39x86

For all supported x64-based versions of Windows 8.1

File nameFile versionFile sizeDateTimePlatform
Ehshell.dll6.3.9600.180156,315,52017-Aug-201518:39x86

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security troubleshooting and support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International support
malicious attacker exploit
Properties

Article ID: 3087918 - Last Review: 10/13/2015 17:05:00 - Revision: 2.0

Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows 8 Enterprise, Windows 8 Pro, Windows 8, Windows 7 Service Pack 1, Windows Vista Service Pack 2

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3087918
Feedback