Summary

This security update resolves a vulnerability in Windows Service Control Manager (SCM). This vulnerability is caused when SCM incorrectly verifies impersonation levels. The vulnerability could allow elevation of privilege if an attacker can first log on to the system and then run a specially crafted application that is designed to increase privileges.

Introduction

Microsoft has released security bulletin MS15-050. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:Support for Microsoft UpdateSecurity solutions for IT professionals:TechNet Security Troubleshooting and SupportHelp protect your Windows-based computer from viruses and malware:Virus Solution and Security CenterLocal support according to your country:International Support

More Information

Windows Vista (all editions)Reference tableThe following table contains the security update information for this software.

Security update file names

For all supported 32-bit editions of Windows Vista:Windows6.0-KB3055642-x86.msu

For all supported x64-based editions of Windows Vista:Windows6.0-KB3055642-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

WUSA.exe does not support uninstall of updates. To uninstall an update that is installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)Reference tableThe following table contains the security update information for this software.

Security update file names

For all supported 32-bit editions of Windows Server 2008:Windows6.0-KB3055642-x86.msu

For all supported x64-based editions of Windows Server 2008:Windows6.0-KB3055642-x64.msu

For all supported Itanium-based editions of Windows Server 2008:Windows6.0-KB3055642-ia64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

WUSA.exe does not support uninstall of updates. To uninstall an update that is installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)Reference TableThe following table contains the security update information for this software.

Security update file name

For all supported 32-bit editions of Windows 7:Windows6.1-KB3055642-x86.msu

For all supported x64-based editions of Windows 7:Windows6.1-KB3055642-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

To uninstall an update that is installed by WUSA, use the setup switch. Or, click Control Panel, and then click System and Security. Under Windows Update, click View installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)Reference TableThe following table contains the security update information for this software.

Security update file name

For all supported x64-based editions of Windows Server 2008 R2:Windows6.1-KB3055642-x64.msu

For all supported Itanium-based editions of Windows Server 2008 R2:Windows6.1-KB3055642-ia64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

To uninstall an update that is installed by WUSA, use the setup switch. Or, click Control Panel, and then click System and Security. Under Windows Update, click View installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)Reference TableThe following table contains the security update information for this software.

Security update file name

For all supported 32-bit editions of Windows 8:Windows8-RT-KB3055642-x86.msu

For all supported x64-based editions of Windows 8:Windows8-RT-KB3055642-x64.msu

For all supported 32-bit editions of Windows 8.1:Windows8.1-KB3055642-x86.msu

For all supported x64-based editions of Windows 8.1:Windows8.1-KB3055642-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, and then click Windows Update. Under See also, click Installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)Reference TableThe following table contains the security update information for this software.

Security update file name

For all supported editions of Windows Server 2012:Windows8-RT-KB3055642-x64.msu

For all supported editions of Windows Server 2012 R2:Windows8.1-KB3055642-x64.msu

Installation switches

See Microsoft Knowledge Base Article 934307

Restart requirement

Yes, you must restart your system after you apply this security update.

Removal information

To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, and then click Windows Update. Under See also, click Installed updates, and then select from the list of updates.

File information

See the file information section.

Registry key verification

Note A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)Reference TableThe following table contains the security update information for this software.

Deployment

These updates are available through Windows Update only.

Restart Requirement

Yes, you must restart your system after you apply this security update.

Removal Information

Click Control Panel, click System and Security, and then click Windows Update. Under See also, click Installed updates, and then select from the list of updates.

File Information

See the file information section.

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

  • The files that apply to a specific product, milestone (SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    Version

    Product

    Milestone

    Service branch

    6.0.6002.18xxx

    Windows Vista SP2 and Windows Server 2008 SP2

    SP2

    GDR

    6.0.6002.23xxx

    Windows Vista SP2 and Windows Server 2008 SP2

    SP2

    LDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows Vista and Windows Server 2008

File name

File version

File size

Date

Time

Platform

Services.exe

6.0.6002.19369

279,552

10-Apr-2015

23:22

x86

Services.mof

Not Applicable

2,866

18-Sep-2006

21:46

Not Applicable

Services.exe

6.0.6002.23677

280,576

10-Apr-2015

23:18

x86

Services.mof

Not Applicable

2,866

07-May-2014

23:55

Not Applicable

For all supported x64-based versions of Windows Vista and Windows Server 2008

File name

File version

File size

Date

Time

Platform

Services.exe

6.0.6002.19369

384,512

10-Apr-2015

23:33

x64

Services.mof

Not Applicable

2,866

18-Sep-2006

21:44

Not Applicable

Services.exe

6.0.6002.23677

385,024

10-Apr-2015

23:44

x64

Services.mof

Not Applicable

2,866

07-May-2014

23:55

Not Applicable

Services.exe

6.0.6002.19369

279,552

10-Apr-2015

23:22

x86

Services.mof

Not Applicable

2,866

18-Sep-2006

21:46

Not Applicable

Services.exe

6.0.6002.23677

280,576

10-Apr-2015

23:18

x86

Services.mof

Not Applicable

2,866

07-May-2014

23:55

Not Applicable

For all supported IA-64-based versions of Windows Server 2008

File name

File version

File size

Date

Time

Platform

Services.exe

6.0.6002.19369

744,448

10-Apr-2015

23:23

IA-64

Services.mof

Not Applicable

2,866

03-Jan-2008

19:17

Not Applicable

Services.exe

6.0.6002.23677

746,496

10-Apr-2015

23:22

IA-64

Services.mof

Not Applicable

2,866

07-May-2014

23:54

Not Applicable

Services.exe

6.0.6002.19369

279,552

10-Apr-2015

23:22

x86

Services.mof

Not Applicable

2,866

18-Sep-2006

21:46

Not Applicable

Services.exe

6.0.6002.23677

280,576

10-Apr-2015

23:18

x86

Services.mof

Not Applicable

2,866

07-May-2014

23:55

Not Applicable

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    Version

    Product

    Milestone

    Service branch

    6.1.7601.18xxx

    Windows 7 and Windows Server 2008 R2

    SP1

    GDR

    6.1.7601.22xxx

    Windows 7 and Windows Server 2008 R2

    SP1

    LDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 7

File name

File version

File size

Date

Time

Platform

Services.exe

6.1.7601.18829

259,072

13-Apr-2015

03:19

x86

Services.mof

Not Applicable

2,866

04-Jul-2013

12:14

Not Applicable

Services.ptxml

Not Applicable

1,061

12-Apr-2015

22:32

Not Applicable

Services.exe

6.1.7601.23033

259,072

11-Apr-2015

03:53

x86

Services.mof

Not Applicable

2,866

09-Jul-2013

06:07

Not Applicable

Services.ptxml

Not Applicable

1,061

10-Apr-2015

23:15

Not Applicable

For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File name

File version

File size

Date

Time

Platform

Services.exe

6.1.7601.18829

328,704

13-Apr-2015

03:28

x64

Services.mof

Not Applicable

2,866

04-Jul-2013

12:14

Not Applicable

Services.ptxml

Not Applicable

1,061

12-Apr-2015

22:32

Not Applicable

Services.exe

6.1.7601.23033

328,704

11-Apr-2015

04:31

x64

Services.mof

Not Applicable

2,866

09-Jul-2013

06:15

Not Applicable

Services.ptxml

Not Applicable

1,061

10-Apr-2015

23:28

Not Applicable

For all supported IA-64-based versions of Windows Server 2008 R2

File name

File version

File size

Date

Time

Platform

Services.exe

6.1.7601.18829

683,520

13-Apr-2015

02:21

IA-64

Services.mof

Not Applicable

2,866

04-Jul-2013

12:22

Not Applicable

Services.ptxml

Not Applicable

1,061

12-Apr-2015

22:29

Not Applicable

Services.exe

6.1.7601.23033

683,520

11-Apr-2015

03:08

IA-64

Services.mof

Not Applicable

2,866

09-Jul-2013

06:10

Not Applicable

Services.ptxml

Not Applicable

1,061

10-Apr-2015

23:13

Not Applicable

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    Version

    Product

    Milestone

    Service branch

    6.2.920 0.16 xxx

    Windows 8 and Windows Server 2012

    RTM

    GDR

    6.2.920 0.20 xxx

    Windows 8 and Windows Server 2012

    RTM

    LDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

For all supported x86-based versions of Windows 8

File name

File version

File size

Date

Time

Platform

Services.exe

6.2.9200.17343

333,312

13-Apr-2015

04:06

x86

Services.exe

6.2.9200.21456

332,288

12-Apr-2015

22:34

x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File name

File version

File size

Date

Time

Platform

Services.exe

6.2.9200.17343

417,280

13-Apr-2015

05:32

x64

Services.exe

6.2.9200.21442

411,136

12-Apr-2015

22:31

x64

For all supported x86-based versions of Windows 8.1

File name

File version

File size

Date

Time

Platform

Services.exe

6.3.9600.17793

333,624

08-Apr-2015

22:59

x86

For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2

File name

File version

File size

Date

Time

Platform

Services.exe

6.3.9600.17793

410,128

08-Apr-2015

22:55

x64

File name

SHA1 hash

SHA256 hash

Windows6.0-KB3055642-ia64.msu

A9D0AEEFC75C5925DBE16B9D14754BFD220FEE0A

1A36443CB5B5D1D6517D2CA79FE375A42D1A4397E30F7465A11684D389258283

Windows6.0-KB3055642-x64.msu

05FBCC383DFE1E46ED7EDF23A9E9B775EE5242AB

AE965FC3BF5CF2EEEB754768E1B61BA05764403644436ECC1B32B66E3CECBDA2

Windows6.0-KB3055642-x86.msu

6F6C0687C22FBF63C90EAB8D84F80F726D983C43

85DD6C42FEDA9F2F56F79BC5A4089B4329B3866F177D7229472B58942A5F6B42

Windows6.1-KB3055642-ia64.msu

AE806D548170FAC249B397C80933883A9F19B853

C5F6CAD27C0664349A0BA62FEC0BD55BDCF5CAACEDA23EF862B83B2CF996B8C8

Windows6.1-KB3055642-x64.msu

CC13DB5A18E3531C854E85263E66055CDD081678

3632699001A0360350881035AD07AFA96E7E958C41C13924060950D37C1576C2

Windows6.1-KB3055642-x86.msu

2F1AC561188E1AF40796273CE672DE6C73259202

F4B2048C187D765153AD77F3F42CA6279BA8F83EBC89E50980F3423C8E47E866

Windows8.1-KB3055642-x64.msu

DA4C9859885BC413462C7B73141CF42AAC807238

221F9AA57C2347C3CDF4AE26E58177D199201DC13D47A53E70BDF39443376B62

Windows8.1-KB3055642-x86.msu

B448FC6FBD8B9BA0951DEDABF00DCD523163E8A4

9C6D430199A79B41AEE2D1B57C3DDB0EEE585F0E3523CFBC741741C819D2751B

Windows8-RT-KB3055642-x64.msu

B1ADE85117948215F943F4F2B15C3399BF0837D7

EDA655683CA4139CA05FAF6C99AA39A6CBEBA9475C2A34A6CDCE437D64F35692

Windows8-RT-KB3055642-x86.msu

4AC05C6692ADD3B39082CF938BBB8FC52CBD7637

DD5E9386B1A700EA4ADAB8994C55EB479507E04AAE97B2006E42E752FB6AB72A

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.