MS16-092: Description of the security update for Windows Kernel: July 12, 2016

Summary
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow security feature bypass if the Windows kernel fails to determine how a low-integrity application can use certain object manager features. 

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-092.
More information
Important

  • All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, seeGet security updates automatically.

Note For Windows RT 8.1, this update is available through Windows Update only.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS16-092 that corresponds to the version of Windows that you are running.
More information

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support
File Information

File hash information

File nameSHA1 hashSHA256 hash
Windows8.1-KB3170377-x86.msuA06C36BEB3D97543DB05205D065319BD598F41FCAAB13C9689655AFCD5E604B218DAB701C0B1AE0F883E0DA509C9492F83F9ED91
Windows8.1-KB3170377-x64.msu313049C09C4E396F61FA86A4E60D440C34423085C838996DD629AFA03B72CDBE10F0DBFCE152EBC47D8466C24B78CB4D2F97EEFB
Windows8-RT-KB3170377-x64.msu315C06263BE9D0427CD1B1A6900358D380F65741E97DAC44FE6BDC9C691C37EBDCCD82E49035B325A00788D4778C70EA70CE9E0E

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.

Windows 8.1 and Windows Server 2012 R2 file information

Notes

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table. 

    VersionProductMilestoneService branch
    6.3.960 0.16xxxWindows RT 8.1, Windows 8.1, and Windows Server 2012 R2RTMGDR
    6.3.960 0.17xxxWindows RT 8.1, Windows 8.1, and Windows Server 2012 R2RTMGDR
    6.3.960 0.18xxxWindows RT 8.1, Windows 8.1, and Windows Server 2012 R2RTMGDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
For all supported x86-based versions
File nameFile versionFile sizeDateTimePlatform
Chs_boot.ttfNot applicable3,695,65811-Jun-201618:27Not applicable
Msyhn_boot.ttfNot applicable150,73011-Jun-201618:27Not applicable
Msyh_boot.ttfNot applicable154,83411-Jun-201618:27Not applicable
Cht_boot.ttfNot applicable3,878,34611-Jun-201618:27Not applicable
Msjhn_boot.ttfNot applicable161,49811-Jun-201618:27Not applicable
Msjh_boot.ttfNot applicable163,50211-Jun-201618:27Not applicable
Segmono_boot.ttfNot applicable44,62611-Jun-201618:27Not applicable
Segoen_slboot.ttfNot applicable85,69311-Jun-201618:27Not applicable
Segoe_slboot.ttfNot applicable86,00911-Jun-201618:27Not applicable
Wgl4_boot.ttfNot applicable49,02911-Jun-201618:26Not applicable
Jpn_boot.ttfNot applicable1,985,80611-Jun-201618:27Not applicable
Meiryon_boot.ttfNot applicable141,49411-Jun-201618:27Not applicable
Meiryo_boot.ttfNot applicable143,11311-Jun-201618:27Not applicable
Kor_boot.ttfNot applicable2,372,93811-Jun-201618:27Not applicable
Malgunn_boot.ttfNot applicable174,37011-Jun-201618:27Not applicable
Malgun_boot.ttfNot applicable176,81811-Jun-201618:27Not applicable
Winload.efi6.3.9600.182331,396,68811-Feb-201620:21Not applicable
Winload.exe6.3.9600.182331,285,60011-Feb-201620:21x86
Winresume.efi6.3.9600.182321,272,18411-Feb-201620:21Not applicable
Winresume.exe6.3.9600.182321,171,99211-Feb-201620:21x86
Ntdll.dll6.3.9600.182331,471,54411-Feb-201620:21x86
Ntoskrnl.exe6.3.9600.183785,761,88811-Jun-201618:27Not applicable
Microsoft-windows-system-events.dll6.3.9600.18232246,78409-Feb-201617:24x86
Krnlprov.dll6.3.9600.1829238,91231-Mar-201604:20x86
Krnlprov.mofNot applicable14,84021-Aug-201323:46Not applicable
For all supported x64-based versions
File nameFile versionFile sizeDateTimePlatformService branch
Chs_boot.ttfNot applicable3,695,65811-Jun-201619:45Not applicableNot applicable
Msyhn_boot.ttfNot applicable150,73011-Jun-201619:45Not applicableNot applicable
Msyh_boot.ttfNot applicable154,83411-Jun-201619:45Not applicableNot applicable
Cht_boot.ttfNot applicable3,878,35011-Jun-201619:45Not applicableNot applicable
Msjhn_boot.ttfNot applicable161,49811-Jun-201619:45Not applicableNot applicable
Msjh_boot.ttfNot applicable163,50211-Jun-201619:45Not applicableNot applicable
Segmono_boot.ttfNot applicable44,62611-Jun-201619:45Not applicableNot applicable
Segoen_slboot.ttfNot applicable85,69411-Jun-201619:45Not applicableNot applicable
Segoe_slboot.ttfNot applicable86,01011-Jun-201619:45Not applicableNot applicable
Wgl4_boot.ttfNot applicable49,03011-Jun-201619:44Not applicableNot applicable
Jpn_boot.ttfNot applicable1,985,80211-Jun-201619:45Not applicableNot applicable
Meiryon_boot.ttfNot applicable141,49411-Jun-201619:45Not applicableNot applicable
Meiryo_boot.ttfNot applicable143,11411-Jun-201619:45Not applicableNot applicable
Kor_boot.ttfNot applicable2,372,93711-Jun-201619:45Not applicableNot applicable
Malgunn_boot.ttfNot applicable174,37011-Jun-201619:45Not applicableNot applicable
Malgun_boot.ttfNot applicable176,81811-Jun-201619:45Not applicableNot applicable
Winload.efi6.3.9600.182331,663,18411-Feb-201620:17Not applicableNot applicable
Winload.exe6.3.9600.182331,523,20811-Feb-201620:17x64Not applicable
Winresume.efi6.3.9600.182321,490,12011-Feb-201620:17Not applicableNot applicable
Winresume.exe6.3.9600.182321,358,95211-Feb-201620:17x64Not applicable
Ntdll.dll6.3.9600.182331,737,08811-Feb-201620:17x64Not applicable
Ntoskrnl.exe6.3.9600.183787,445,85611-Jun-201619:45x64Not applicable
Microsoft-windows-system-events.dll6.3.9600.18232246,78409-Feb-201618:07x64Not applicable
Krnlprov.dll6.3.9600.1829246,59231-Mar-201604:59x64Not applicable
Krnlprov.mofNot applicable14,84022-Aug-201306:51Not applicableNot applicable
Ntvdm64.dll6.3.9600.1814616,89621-Nov-201518:32x64AMD64_MICROSOFT-WINDOWS-WOW
Wow64.dll6.3.9600.17734285,18420-Mar-201504:10x64AMD64_MICROSOFT-WINDOWS-WOW
Wow64cpu.dll6.3.9600.1773413,31220-Mar-201504:10x64AMD64_MICROSOFT-WINDOWS-WOW
Ntdll.dll6.3.9600.182331,501,48811-Feb-201620:16x86Not applicable
Acwow64.dll6.3.9600.1773437,37620-Mar-201503:06x86WOW64_MICROSOFT-WINDOWS-WOW
Instnm.exe6.3.9600.174758,70429-Oct-201401:13x86WOW64_MICROSOFT-WINDOWS-WOW
Ntvdm64.dll6.3.9600.1814614,33621-Nov-201517:50x86WOW64_MICROSOFT-WINDOWS-WOW
Setup16.exe3.1.0.191825,60029-Oct-201401:13x86WOW64_MICROSOFT-WINDOWS-WOW
User.exe6.3.9600.174754,09629-Oct-201401:14x86WOW64_MICROSOFT-WINDOWS-WOW
Wow32.dll6.3.9600.174755,63229-Oct-201401:15x86WOW64_MICROSOFT-WINDOWS-WOW

Windows Server 2012 file information

Notes

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table.

    VersionProduct Milestone Service branch
    6.2.920 0.17xxxWindows 8, Windows RT, or Windows Server 2012RTMGDR
    6.2.920 0.21xxxWindows 8, Windows RT, or Windows Server 2012RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
For all supported x64-based versions
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Winload.efi6.2.9200.216381,405,40822-Sep-201521:46Not applicableNoneNot applicable
Winload.exe6.2.9200.216381,273,18422-Sep-201521:46x64NoneNot applicable
Winresume.efi6.2.9200.207261,217,35225-May-201300:17Not applicableNoneNot applicable
Winresume.exe6.2.9200.207261,093,90425-May-201300:17x64NoneNot applicable
Ksecdd.sys6.2.9200.21473100,18402-May-201506:23x64NoneNot applicable
Lsass.exe6.2.9200.2052135,84020-Sep-201206:33x64NoneNot applicable
Sspicli.dll6.2.9200.21703164,35217-Nov-201508:00x64NoneNot applicable
Sspisrv.dll6.2.9200.2052127,64820-Sep-201206:32x64NoneNot applicable
Cng.sys6.2.9200.21637566,07222-Sep-201513:43x64NoneNot applicable
Ksecpkg.sys6.2.9200.21896171,36011-Jun-201611:02x64NoneNot applicable
Lsasrv.dll6.2.9200.218301,280,00009-Apr-201616:01x64NoneNot applicable
Adtschema.dll6.2.9200.21289719,36010-Nov-201404:43x64NoneNot applicable
Msaudite.dll6.2.9200.21269146,94411-Oct-201405:38x64NoneNot applicable
Msobjs.dll6.2.9200.1638461,95226-Jul-201202:36x64NoneNot applicable
Ocspsvcctrs.iniNot applicable2,96026-Jul-201205:07Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,13426-Jul-201208:00Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,91826-Jul-201204:43Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,21026-Jul-201207:59Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,09826-Jul-201208:00Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,02826-Jul-201207:59Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,14026-Jul-201205:21Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,64226-Jul-201208:11Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,57626-Jul-201205:20Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,02626-Jul-201207:36Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,02826-Jul-201207:48Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,18826-Jul-201205:30Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,12626-Jul-201205:08Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,06426-Jul-201207:49Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,09226-Jul-201207:52Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,82826-Jul-201205:12Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,46426-Jul-201208:05Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,48026-Jul-201205:13Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,46026-Jul-201208:11Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvc.exe6.2.9200.21345272,38415-Jan-201505:27x64SPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.hNot applicable1,56902-Jun-201214:34Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,91802-Jun-201214:34Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ntoskrnl.exe6.2.9200.218966,937,95211-Jun-201611:10x64NoneNot applicable
Credssp.dll6.2.9200.2170320,48017-Nov-201507:59x64SP_AMD64_MICROSOFT-WINDOWS-SECURITY-CREDSSP
Tspkg.dll6.2.9200.2170394,72017-Nov-201508:01x64SP_AMD64_MICROSOFT-WINDOWS-SECURITY-CREDSSP
Tspkg.mofNot applicable96402-Jun-201214:33Not applicableSP_AMD64_MICROSOFT-WINDOWS-SECURITY-CREDSSP
Wdigest.dll6.2.9200.21894208,89611-Jun-201604:48x64NoneNot applicable
Kerberos.dll6.2.9200.21830829,95209-Apr-201616:01x64NoneNot applicable
Msv1_0.dll6.2.9200.21830317,95209-Apr-201616:01x64NoneNot applicable
Shcore.dll6.2.9200.21703590,84817-Nov-201508:00x64NoneNot applicable
Mrxsmb10.sys6.2.9200.21529281,60025-Jun-201518:52x64NoneNot applicable
Mrxsmb20.sys6.2.9200.21548205,31211-Jul-201517:07x64NoneNot applicable
Mrxsmb.sys6.2.9200.21342396,80006-Jan-201523:17x64NoneNot applicable
Lsm.dll6.2.9200.21703439,80817-Nov-201508:00x64NoneNot applicable
Workerdd.dll6.2.9200.2101214,84812-Apr-201406:58x64NoneNot applicable
Usercpl.dll6.2.9200.218961,043,96811-Jun-201604:48x64NoneNot applicable
Usercpl.ptxmlNot applicable78911-Oct-201200:40Not applicableNoneNot applicable
Winlogon.exe6.2.9200.21703578,04817-Nov-201508:01x64NoneNot applicable
Sspicli.dll6.2.9200.2098499,84010-Mar-201401:34x86NoneNot applicable
Wdigest.dll6.2.9200.21896176,64011-Jun-201609:30x86NoneNot applicable
Kerberos.dll6.2.9200.21830666,11209-Apr-201616:48x86NoneNot applicable
Msv1_0.dll6.2.9200.21830274,94409-Apr-201616:48x86NoneNot applicable
Adtschema.dll6.2.9200.21289719,36010-Nov-201403:40x86NoneNot applicable
Msaudite.dll6.2.9200.21269146,94411-Oct-201404:35x86NoneNot applicable
Msobjs.dll6.2.9200.1638461,95226-Jul-201202:47x86NoneNot applicable
Credssp.dll6.2.9200.2170317,40817-Nov-201508:08x86SP_X86_MICROSOFT-WINDOWS-SECURITY-CREDSSP
Tspkg.dll6.2.9200.2170376,80017-Nov-201508:09x86SP_X86_MICROSOFT-WINDOWS-SECURITY-CREDSSP
Tspkg.mofNot applicable96402-Jun-201214:33Not applicableSP_X86_MICROSOFT-WINDOWS-SECURITY-CREDSSP
Shcore.dll6.2.9200.21703460,80017-Nov-201508:09x86NoneNot applicable
Usercpl.dll6.2.9200.21703961,53617-Nov-201508:09x86NoneNot applicable
Usercpl.ptxmlNot applicable78911-Oct-201200:42Not applicableNoneNot applicable
malicious attacker exploit
Properties

Article ID: 3170377 - Last Review: 07/12/2016 17:18:00 - Revision: 1.0

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Essentials, Windows Server 2012 Foundation

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3170377
Feedback