MS15-030: Vulnerability in Remote Desktop protocol could allow denial of service: March 10, 2015

Summary

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker creates multiple RDP sessions which fail to properly free objects in memory. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

Introduction

Microsoft has released security bulletin MS15-030. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.

  • 3036493 MS15-030: Description of the security update for Remote Desktop protocol: March 10, 2015Known issues in security update 3036493:

    • If you uninstall this security update, you may have to restart the computer two times.




      Note We do not recommend that you uninstall any security update.

  • 3035017 MS15-030: Description of the security update for Remote Desktop protocol: March 10, 2015

Windows 7 (all editions)Reference Table

The following table contains the security update information for this software.

Security update file name

For all supported 32-bit editions of Windows 7:
Windows6.1-KB3035017-x86.msu
Windows6.1-KB3036493-x86.msu

For all supported x64-based editions of Windows 7:
Windows6.1-KB3035017-x64.msu
Windows6.1-KB3036493-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, and under Windows Update, click View installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)Reference Table

The following table contains the security update information for this software.

Security update file name

For all supported 32-bit editions of Windows 8:
Windows8-RT-KB3035017-x86.msu

For all supported x64-based editions of Windows 8:
Windows8-RT-KB3035017-x64.msu

For all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3035017-x86.msu

For all supported x64-based editions of Windows 8.1:
Windows8.1-KB3035017-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, click Windows Update, and under See also, click Installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)Reference Table

The following table contains the security update information for this software.

Security update file name

For all supported editions of Windows Server 2012:
Windows8-RT-KB3035017-x64.msu

For all supported editions of Windows Server 2012 R2:
Windows8.1-KB3035017-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, click Windows Update, and under See also, click Installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.


File information

File name

SHA1 hash

SHA256 hash

Windows6.1-KB3035017-x64.msu

55C640C841C40159D46C023E72E2442B36A6A88B

FB64CACE6EBE45E4625C4D67A00FE2C2BDC3E1297817069EF53902D30336CC53

Windows6.1-KB3036493-x86.msu

8A2DFDA55272F2E7119A3002698196FAC447C35D

C3CCB76804547EB7E8B82F93E20BB0AB451456328E3D93117A291DE80AC852B3

Windows8-RT-KB3035017-x64.msu

A998FAB5E4787685EFA0D9E9E229F69AF1CB31DB

096E51B2DD34C9F00E50621F6FC504D2D8B1B47FBA29FE52C7AF164638D1B4D0

Windows8-RT-KB3035017-x86.msu

D994A15A1349322AC6BA6A6F49C84326CD5FD43F

F271914531FB227D65D21394FB0F0F7C8C2EE7259A542EEC0DAE8393E29D0717

Windows8.1-KB3035017-x64.msu

DAE9021A026562976104A170EA810E1A55980233

3254ECB3959433AEEA762C080FDEDE98FA2B6C8C1462E14AFD5C2D74C2C6865D

Windows6.1-KB3035017-x86.msu

E31388FAF790F0077FF536CB22FB6000C7E4B6BA

36840EB3B1F37BDB6EFB2A27C814B8E41A1C46196F3A508B6C3B3B68C480343D

Windows8.1-KB3035017-x86.msu

E8B8F45192A2336610C520AD3F89EC3A3F235ACD

2E6CA0E2829D289D0B45C89663B793181B44CB127FB57B37831C620F6791099B

Windows6.1-KB3036493-x64.msu

FC312F6BC2A8B9F5E15BBB2F4782BAD387688DC6

3A5426110B49B2904C98810329872A5BCA50938980D1F3930F2F99D0F2BDC98E


Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×