MS16-017: Description of the security update for Remote Desktop display driver: February 9, 2016

Summary
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an authenticated attacker uses Remote Desktop Protocol (RDP) to log on to the target system and sends specially crafted data over the connection. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. 

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-017.
More information
Important
  • All future security and nonsecurity updates for Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS16-017 that corresponds to the version of Windows that you are running.
More information

Known issues in this security update

  • You may have to restart the computer multiple times after you install this security update on a Windows 7-based computer that is running RDP 8.0.  

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support
File Information

File hash information

File nameSHA1 hashSHA256 hash
Windows6.1-KB3126446-x86.msuEB520294346B223A0DB07F174ADFAB93DC39FFA871854E0872CF1635A4E0D2FEE02E7FEE0A57BD192E75877404859D079A53FBEA
Windows8-RT-KB3126446-x64.msu67F5BE3101A99B6D026363C268370BE1EC139D89CFC651CACB292B50696D261D5CC67CE1B9CE0F017D54600E93FC25FEECA71DCB
Windows8.1-KB3126446-x86.msu6C4ACDEB1BA717FF8A56346226CD8293C281A2D98529B29834D310C1100362BB6937A0AA7836B47D5189F901F8E24DD702DDD54F
Windows8.1-KB3126446-x64.msu5DB36152E244441F00457652E96E27BB01142C10B068664FC83AA39EB78F61968AF3DC274C59421A6C2118813F49432282A91AC2
Windows6.1-KB3126446-x64.msu191BD43115F35BDEA4E34F18C3DFEDEC17C000BF1078C1E995F4527D94F47AF3BCE453154C4F79DE768693D0E8E63223199691DA

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.

Windows 7 file information

Notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    Version Product Milestone Service branch
    6.1.760 1.18xxxWindows 7 SP1GDR
    6.1.760 1.23 xxxWindows 7 SP1 LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
For all supported x86-based versions
File nameFile versionFile sizeDateTimePlatform
Rdpcorets.dll6.2.9200.173952,745,85620-Dec-201518:45x86
Rdpgrouppolicyextension.dll6.2.9200.1691413,82420-Dec-201518:45x86
Rdpudd.dll6.2.9200.17610221,18420-Dec-201516:16x86
Rdpvideominiport.sys6.2.9200.1639814,84820-Dec-201516:16x86
Terminalserver-winip.admxNot applicable8,05603-Jun-201520:16Not applicable
Rdpcorets.dll6.2.9200.215062,747,39220-Dec-201518:51x86
Rdpgrouppolicyextension.dll6.2.9200.2088313,82420-Dec-201518:51x86
Rdpudd.dll6.2.9200.21729221,18420-Dec-201516:15x86
Rdpvideominiport.sys6.2.9200.1639814,84820-Dec-201516:15x86
Terminalserver-winip.admxNot applicable8,05603-Jun-201520:16Not applicable
For all supported x64-based versions
File nameFile versionFile sizeDateTimePlatform
Rdpcorets.dll6.2.9200.173953,180,54420-Dec-201518:50x64
Rdpgrouppolicyextension.dll6.2.9200.1691416,38420-Dec-201518:50x64
Rdpudd.dll6.2.9200.17610243,20020-Dec-201514:08x64
Rdpvideominiport.sys6.2.9200.1639819,45603-Jun-201520:17x64
Terminalserver-winip.admxNot applicable8,05603-Jun-201520:17Not applicable
Rdpcorets.dll6.2.9200.215063,182,08020-Dec-201519:12x64
Rdpgrouppolicyextension.dll6.2.9200.2088316,38420-Dec-201519:12x64
Rdpudd.dll6.2.9200.21729243,20020-Dec-201514:08x64
Rdpvideominiport.sys6.2.9200.1639819,45603-Jun-201520:17x64
Terminalserver-winip.admxNot applicable8,05603-Jun-201520:17Not applicable

Windows Server 2012 file information

Notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    Version Product Milestone Service branch
    6.2.920 0.17xxxWindows Server 2012RTMGDR
    6.2.920 0.21xxxWindows Server 2012RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
For all supported x64-based versions
File nameFile versionFile sizeDateTimePlatform
Rdpcorets.dll6.2.9200.176103,248,64018-Dec-201500:56x64
Rdpudd.dll6.2.9200.17610235,52017-Dec-201519:57x64
Rdpvideominiport.sys6.2.9200.1643427,88012-Oct-201208:08x64
Rfxvmt.dll6.2.9200.1643436,35212-Oct-201206:14x64
Rdpcorets.dll6.2.9200.217293,250,68817-Dec-201521:43x64
Rdpudd.dll6.2.9200.21729235,52017-Dec-201519:31x64
Rdpvideominiport.sys6.2.9200.1638427,88826-Jul-201203:17x64
Rfxvmt.dll6.2.9200.1638436,35226-Jul-201203:07x64

Windows 8.1 and Windows Server 2012 R2 file information

Notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.3.960 0.17 xxxWindows 8.1, and Windows Server 2012 R2RTMGDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
For all supported x86-based versions
File nameFile versionFile sizeDateTimePlatform
Rdpcorets.dll6.3.9600.181672,975,74417-Dec-201516:11x86
Rdpudd.dll6.3.9600.18167117,24817-Dec-201517:45x86
Rdpvideominiport.sys6.3.9600.1741522,84829-Oct-201403:10x86
Rfxvmt.dll6.3.9600.1741533,79229-Oct-201401:54x86
For all supported x64-based versions
File nameFile versionFile sizeDateTimePlatform
Rdpcorets.dll6.3.9600.181673,547,64817-Dec-201516:17x64
Rdpudd.dll6.3.9600.18167131,58417-Dec-201518:29x64
Rdpvideominiport.sys6.3.9600.1741527,45629-Oct-201403:56x64
Rfxvmt.dll6.3.9600.1741540,44829-Oct-201402:37x64
malicious attacker exploit
Properties

Article ID: 3126446 - Last Review: 02/09/2016 18:04:00 - Revision: 1.0

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows 7 Service Pack 1

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3126446
Feedback