{"id": "CVE-2015-2366", "bulletinFamily": "NVD", "title": "CVE-2015-2366", "description": "win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\"", "published": "2015-07-14T22:59:00", "modified": "2019-05-08T22:03:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2366", "reporter": "cve@mitre.org", "references": ["http://www.securitytracker.com/id/1032904", "https://www.exploit-db.com/exploits/38266/", "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-073"], "cvelist": ["CVE-2015-2366"], "type": "cve", "lastseen": "2019-05-29T18:14:40", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "50423edcedc027020516a0538a083dd7"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "0451aebc291e9d910c8a7e064ab85182"}, {"key": "cpe23", "hash": "e083a1f94689df44af57d85173e5f474"}, {"key": "cvelist", "hash": "4f4809b3cf9199b0260156892bd0131a"}, {"key": "cvss", "hash": "f74481c4d3fb2a622ac8c8a438ded811"}, {"key": "cvss2", "hash": "978aebce0b508b9ea2b78a9aa6960c71"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "fa12e087f68642fcaefafba0d4583885"}, {"key": "description", "hash": "325d83ecc491abd0b0440d3c0599f584"}, {"key": "href", "hash": "47b4d6122dfafa0f22ab9ccb3a9f1f84"}, {"key": "modified", "hash": "3b034814eacac217e99b6493b1ac9172"}, {"key": "published", "hash": "633a1463cad9674c12dd1b3007c36d38"}, {"key": "references", "hash": "181b7a7ffa429c66fa9ad69704852c75"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "52537d8cd81aaabc55b4161130efdbbb"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "6398834b980852b41d04ffde1bbaede4c606ef5b82393e0305449ea60b3cb8f8", "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2019-05-29T18:14:40"}, "dependencies": {"references": [{"type": "symantec", "idList": ["SMNTC-75657"]}, {"type": "exploitdb", "idList": ["EDB-ID:38266"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310805074"]}, {"type": "nessus", "idList": ["SMB_NT_MS15-073.NASL"]}, {"type": "kaspersky", "idList": ["KLA10631"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14594"]}], "modified": "2019-05-29T18:14:40"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "cpe": ["cpe:/a:microsoft:windows_rt:-", "cpe:/a:microsoft:windows_7:-", "cpe:/a:microsoft:windows_8.1:-", "cpe:/a:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/a:microsoft:windows_rt_8.1:-", "cpe:/a:microsoft:windows_server_2012:-", "cpe:/a:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_rt:-", "cpe:/o:microsoft:windows_7:-", "cpe:/a:microsoft:windows_8:-"], "affectedSoftware": [{"name": "microsoft windows_server_2012", "operator": "eq", "version": "r2"}, {"name": "microsoft windows_server_2012", "operator": "eq", "version": "-"}, {"name": "microsoft windows_server_2008", "operator": "eq", "version": "r2"}, {"name": "microsoft windows_rt", "operator": "eq", "version": "-"}, {"name": "microsoft windows_8.1", "operator": "eq", "version": "-"}, {"name": "microsoft windows_rt_8.1", "operator": "eq", "version": "-"}, {"name": "microsoft windows_8", "operator": "eq", "version": "-"}, {"name": "microsoft windows_7", "operator": "eq", "version": "-"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*", "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*"], "cwe": ["CWE-264"]}

{"symantec": [{"lastseen": "2018-03-11T18:49:02", "bulletinFamily": "software", "description": "### Description\n\nMicrosoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges.\n\n### Technologies Affected\n\n * Avaya CallPilot 4.0 \n * Avaya CallPilot 4.0.1 \n * Avaya CallPilot 5.0 \n * Avaya CallPilot 5.0.1 \n * Avaya CallPilot 5.1.0 \n * Avaya Meeting Exchange - Client Registration Server 5.0 \n * Avaya Meeting Exchange - Client Registration Server 5.0.1 \n * Avaya Meeting Exchange - Client Registration Server 5.2 \n * Avaya Meeting Exchange - Client Registration Server 5.2.1 \n * Avaya Meeting Exchange - Client Registration Server 6.0 \n * Avaya Meeting Exchange - Client Registration Server 6.2 \n * Avaya Meeting Exchange - Recording Server 5.0 \n * Avaya Meeting Exchange - Recording Server 5.0.1 \n * Avaya Meeting Exchange - Recording Server 5.2 \n * Avaya Meeting Exchange - Recording Server 5.2.1 \n * Avaya Meeting Exchange - Recording Server 6.0 \n * Avaya Meeting Exchange - Recording Server 6.2 \n * Avaya Meeting Exchange - Streaming Server 5.0 \n * Avaya Meeting Exchange - Streaming Server 5.0.1 \n * Avaya Meeting Exchange - Streaming Server 5.2 \n * Avaya Meeting Exchange - Streaming Server 5.2.1 \n * Avaya Meeting Exchange - Streaming Server 6.0 \n * Avaya Meeting Exchange - Streaming Server 6.2 \n * Avaya Meeting Exchange - Web Conferencing Server 5.0 \n * Avaya Meeting Exchange - Web Conferencing Server 5.0.1 \n * Avaya Meeting Exchange - Web Conferencing Server 5.2 \n * Avaya Meeting Exchange - Web Conferencing Server 5.2.1 \n * Avaya Meeting Exchange - Web Conferencing Server 6.0 \n * Avaya Meeting Exchange - Web Conferencing Server 6.2 \n * Avaya Meeting Exchange - Webportal 5.0 \n * Avaya Meeting Exchange - Webportal 5.0.1 \n * Avaya Meeting Exchange - Webportal 5.2 \n * Avaya Meeting Exchange - Webportal 5.2.1 \n * Avaya Meeting Exchange - Webportal 6.0 \n * Avaya Meeting Exchange - Webportal 6.2 \n * Avaya Messaging Application Server 5.0 \n * Avaya Messaging Application Server 5.0.1 \n * Avaya Messaging Application Server 5.2 \n * Avaya Messaging Application Server 5.2.1 \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8 for 32-bit Systems \n * Microsoft Windows 8 for x64-based Systems \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows RT \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nTo exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2015-07-14T00:00:00", "published": "2015-07-14T00:00:00", "id": "SMNTC-75657", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/75657", "type": "symantec", "title": "Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2366 Local Privilege Escalation Vulnerability", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-04T07:41:39", "bulletinFamily": "exploit", "description": "Windows Kernel - DeferWindowPos Use-After-Free (MS15-073). CVE-2015-2366. Dos exploit for win32 platform", "modified": "2015-09-22T00:00:00", "published": "2015-09-22T00:00:00", "id": "EDB-ID:38266", "href": "https://www.exploit-db.com/exploits/38266/", "type": "exploitdb", "title": "Windows Kernel - DeferWindowPos Use-After-Free MS15-073", "sourceData": "Source: https://code.google.com/p/google-security-research/issues/detail?id=339\r\n\r\nThe attached PoC demonstrate a use-after-free condition that occurs when operating on a DeferWindowPos object from multiple threads. The DeferWindowPos() call will trigger and block on the execution of a window procedure in a separate thread from which we call EndDeferWindowPos on the same handle. specialpool.txt contains the debugger output with Session Pool enabled, crash.txt the debugger output without Session Pool.\r\n\r\nProof of Concept:\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/38266.zip\r\n\r\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/38266/"}], "openvas": [{"lastseen": "2019-05-29T18:36:27", "bulletinFamily": "scanner", "description": "This host is missing an important security\n update according to Microsoft Bulletin MS15-073.", "modified": "2019-05-03T00:00:00", "published": "2015-07-15T00:00:00", "id": "OPENVAS:1361412562310805074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805074", "title": "MS Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3070102)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# MS Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3070102)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805074\");\n script_version(\"2019-05-03T12:31:27+0000\");\n script_cve_id(\"CVE-2015-2363\", \"CVE-2015-2365\", \"CVE-2015-2366\", \"CVE-2015-2367\",\n \"CVE-2015-2381\", \"CVE-2015-2382\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 12:31:27 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-07-15 08:32:59 +0530 (Wed, 15 Jul 2015)\");\n script_name(\"MS Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3070102)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft Bulletin MS15-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An improper handling of buffer elements by windows kernel-mode driver under\n certain conditions.\n\n - An improper freeing of an object in memory by windows kernel-mode driver.\n\n - Improper handling of buffer elements by windows kernel-mode driver under\n certain conditions.\n\n - Improper freeing of an object in memory by windows kernel-mode driver.\n\n - Insufficient validation of certain data passed from user mode by the windows\n kernel-mode driver.\n\n - Windows kernel-mode driver when it accesses an object in memory that has\n either not been correctly initialized or deleted.\n\n - Windows kernel-mode driver when it improperly validates user input.\n\n - Windows kernel-mode driver 'Win32k.sys' fails to properly free memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass security, gain elevated privileges and execute arbitrary\n code on affected system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 8 x32/x64\n\n Microsoft Windows Server 2012/R2\n\n Microsoft Windows 8.1 x32/x64 Edition\n\n Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior\n\n Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior\n\n Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior\n\n Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior\n\n Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/kb/3070102\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/library/security/MS15-073\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/library/security/ms15-073\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2003:3, win2003x64:3, winVista:3, win7:2, win7x64:2,\n win2008:3, win2008r2:2, win8:1, win8x64:1, win2012:1,\n win2012R2:1, win8_1:1, win8_1x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\ndllVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Win32k.sys\");\nif(!dllVer){\n exit(0);\n}\n\nif(hotfix_check_sp(win2003:3, win2003x64:3) > 0)\n{\n if(version_is_less(version:dllVer, test_version:\"5.2.3790.5667\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\n## Currently not supporting for Vista and Windows Server 2008 64 bit\nif(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n if(version_is_less(version:dllVer, test_version:\"6.0.6002.19429\") ||\n version_in_range(version:dllVer, test_version:\"6.0.6002.23000\", test_version2:\"6.0.6002.23734\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n{\n if(version_is_less(version:dllVer, test_version:\"6.1.7601.18906\") ||\n version_in_range(version:dllVer, test_version:\"6.1.7601.22000\", test_version2:\"6.1.7601.23108\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nif(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)\n{\n if(version_is_less(version:dllVer, test_version:\"6.2.9200.17419\") ||\n version_in_range(version:dllVer, test_version:\"6.2.9200.20000\", test_version2:\"6.2.9200.21527\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\n## Win 8.1 and win2012R2\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) > 0)\n{\n if(version_is_less(version:dllVer, test_version:\"6.3.9600.17915\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2019-10-10T22:42:03", "bulletinFamily": "microsoft", "description": "<html><body><p>Resolves vulnerabilities in Microsoft Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.</p><h2>Summary</h2><div class=\"kb-summary-section section\"> This security update resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. To learn more about the vulnerabilities, see <a href=\"https://technet.microsoft.com/library/security/ms15-073\" id=\"kb-link-3\" target=\"_self\">Microsoft Security Bulletin MS15-073</a>. </div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><span class=\"text-base\">Important </span><ul class=\"sbody-free_list\"><li>All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update <a href=\"https://support.microsoft.com/en-us/help/2919355\" id=\"kb-link-4\" target=\"_self\">2919355</a> to be installed. We recommend that you install update <a href=\"https://support.microsoft.com/en-us/help/2919355\" id=\"kb-link-5\" target=\"_self\">2919355</a> on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates. </li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a href=\"https://technet.microsoft.com/en-us/library/hh825699\" id=\"kb-link-6\" target=\"_self\">Add language packs to Windows</a>.<br/></li></ul></div><h2>How to obtain and install the update</h2><div class=\"kb-resolution-section section\"><a class=\"bookmark\" id=\"obtaintheupdate\"></a><h3 class=\"sbody-h3\">Method 1: Windows Update</h3><div class=\"kb-collapsible kb-collapsible-expanded\">This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see <br/><a href=\"https://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-8\" target=\"_self\">Get security updates automatically</a>.<br/><br/><span class=\"text-base\">Note</span> For Windows RT and Windows RT 8.1, this update is available through Windows Update only.</div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">Method 2: Microsoft Download Center</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.<br/><br/>Click the download link in <a href=\"https://technet.microsoft.com/library/security/ms15-073\" id=\"kb-link-9\" target=\"_self\">Microsoft Security Bulletin MS15-073</a> that corresponds to the version of Windows that you are running. <br/> <br/><br/></div><br/></span></div></div></div></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">Security update deployment information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><h4 class=\"sbody-h4\">Windows Server 2003 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\">Security update file names</td><td class=\"sbody-td\">For all supported 32-bit editions of Windows Server 2003:<br/><span class=\"text-base\">WindowsServer2003-KB3070102-x86-ENU.exe</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Server 2003:<br/><span class=\"text-base\">WindowsServer2003-KB3070102-x64-ENU.exe</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported Itanium-based editions of Windows Server 2003:<br/><span class=\"text-base\">WindowsServer2003-KB3070102-ia64-ENU.exe</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Installation switches</td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-10\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Update Log File</td><td class=\"sbody-td\">KB3070102.log</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Restart requirement</td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Removal information</td><td class=\"sbody-td\">Use <span class=\"text-base\">Add or Remove</span> Programs item in <span class=\"text-base\">Control Panel</span> or the Spuninst.exe utility located in the %Windir%\\$NTUninstallKB3070102$\\Spuninst folder</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">File information</td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Registry key verification</td><td class=\"sbody-td\">HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Updates\\Windows Server 2003\\SP3\\KB3070102\\Filelist</td></tr></table></div><h4 class=\"sbody-h4\">Windows Vista (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file names</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows Vista:<br/><span class=\"text-base\">Windows6.0-KB3070102-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Vista:<br/><span class=\"text-base\">Windows6.0-KB3070102-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-11\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click <span class=\"text-base\">Control Panel</span>, and then click <span class=\"text-base\">Security</span>. Under Windows Update, click <span class=\"text-base\">View installed updates</span> and select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4 class=\"sbody-h4\">Windows Server 2008 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file names</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3070102-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3070102-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported Itanium-based editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3070102-ia64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-12\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click <span class=\"text-base\">Control Panel</span>, and then click <span class=\"text-base\">Security</span>. Under Windows Update, click <span class=\"text-base\">View installed updates</span> and select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4 class=\"sbody-h4\">Windows 7 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows 7:<br/><span class=\"text-base\">Windows6.1-KB3070102-x86.msu </span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows 7:<br/><span class=\"text-base\">Windows6.1-KB3070102-x64.msu </span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-13\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update installed by WUSA, use the /Uninstall setup switch or click <span class=\"text-base\">Control Panel</span>, click <span class=\"text-base\">System and Security</span>, and then under Windows Update, click <span class=\"text-base\">View installed updates</span> and select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4 class=\"sbody-h4\">Windows Server 2008 R2 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Server 2008 R2:<br/><span class=\"text-base\">Windows6.1-KB3070102-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported Itanium-based editions of Windows Server 2008 R2:<br/><span class=\"text-base\">Windows6.1-KB3070102-ia64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-14\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <span class=\"text-base\">Control Panel</span>, click <span class=\"text-base\">System and Security</span>, and then under Windows Update, click <span class=\"text-base\">View installed updates</span> and select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4 class=\"sbody-h4\">Windows 8 and Windows 8.1 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows 8:<br/><span class=\"text-base\">Windows8-RT-KB3070102-x86.msu </span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows 8:<br/><span class=\"text-base\">Windows8-RT-KB3070102-x64.msu </span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows 8.1:<br/><span class=\"text-base\">Windows8.1-KB3070102-x86.msu </span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows 8.1:<br/><span class=\"text-base\">Windows8.1-KB3070102-x64.msu </span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-15\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <span class=\"text-base\">Control Panel</span>, click <span class=\"text-base\">System and Security</span>, click <span class=\"text-base\">Windows Update</span>, and then under See also, click <span class=\"text-base\">Installed updates</span> and select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4 class=\"sbody-h4\">Windows Server 2012 and Windows Server 2012 R2 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported editions of Windows Server 2012:<br/><span class=\"text-base\">Windows8-RT-KB3070102-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported editions of Windows Server 2012 R2:<br/><span class=\"text-base\">Windows8.1-KB3070102-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-16\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <span class=\"text-base\">Control Panel</span>, click <span class=\"text-base\">System and Security</span>, click <span class=\"text-base\">Windows Update</span>, and then under See also, click <span class=\"text-base\">Installed updates</span> and select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4 class=\"sbody-h4\">Windows RT and Windows RT 8.1 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Deployment</span></td><td class=\"sbody-td\">These updates are available via <a href=\"http://go.microsoft.com/fwlink/?linkid=21130\" id=\"kb-link-17\" target=\"_self\">Windows Update</a> only.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart Requirement</span></td><td class=\"sbody-td\">Yes, you must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal Information</span></td><td class=\"sbody-td\">Click <span class=\"text-base\">Control Panel</span>, click <span class=\"text-base\">System and Security</span>, click <span class=\"text-base\">Windows Update</span>, and then under See also, click <span class=\"text-base\">Installed updates</span> and select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File Information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.</td></tr></table></div></div><br/></span></div></div></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB3070102-ia64.msu</td><td class=\"sbody-td\">066B7E1D791D4F28ABCBA715BAB64EBFE99E15E9</td><td class=\"sbody-td\">6C2F6E179C343F7281C32753026327A0A20786E9255964325383910167CCF02B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB3070102-x64.msu</td><td class=\"sbody-td\">01693DCAA34891C3C86352C9A5F0DF7D864D8BB2</td><td class=\"sbody-td\">F2CACFE77F6C97D851452B60E3EB1390A0EC90B05ED0DCFEC9934C238D2C15EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB3070102-x86.msu</td><td class=\"sbody-td\">A3FC452FD3072C2E8958141CEFE590F51CFDA660</td><td class=\"sbody-td\">1A9AE8DC10CDCE714F4FDBFBD6BAE39E5CD1ACFCF9A82BB040D00E79DF835845</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB3070102-ia64.msu</td><td class=\"sbody-td\">5A482794601C0897F948A226B4E88E7BD8224708</td><td class=\"sbody-td\">2375FF7F1338E1F003FB7519FF0B677851846B6E1B588DBA5DA9BF9DE10D5590</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB3070102-x64.msu</td><td class=\"sbody-td\">26CB5B555F2085839F049D7F6716BEDA72E2CDD7</td><td class=\"sbody-td\">D10F2432AA68F4CAD6D70D71874BDC72D19DF76795D3F33D12AF7D083FED7AA3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB3070102-x86.msu</td><td class=\"sbody-td\">3912FF429134134C58372018456B0B849365AA91</td><td class=\"sbody-td\">B90370DD9E2772BC1D2B0E210D43366D94110CBEE463ED7D78058CDB188ADC5D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB3070102-arm.msu</td><td class=\"sbody-td\">D8A9BFC6B5CCB2A23AC908B72EBAFB8E595E78C6</td><td class=\"sbody-td\">EF68D3F5A9CF3031050453F344F8AC3375564C1712AF3D8ED6F4D739C8CFDB2D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB3070102-x64.msu</td><td class=\"sbody-td\">6B6A4C20D50BC183E9E7D825B3021214454F97BA</td><td class=\"sbody-td\">FC549A24326109D42AA1A89FA2DF9E01370694B0AE590A56FE86DF5DB8C7647F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB3070102-x86.msu</td><td class=\"sbody-td\">F3CD08811FD660DB1B3D5891EF99359A3FD87CF3</td><td class=\"sbody-td\">04ABF1D54C8F103B6567A7AA7F43397DB62ED5C895720920D6CAF53C62D0BB1F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB3070102-arm.msu</td><td class=\"sbody-td\">68C0307A380E786C2435F93B3771CC42319BCE76</td><td class=\"sbody-td\">6F58070F7D47C38FCA42BA2C8DBDFDCAED50C32B06BF6302A6C23D50503D6426</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB3070102-x64.msu</td><td class=\"sbody-td\">99AC1BCA1492597773258AE092FB35BF18A94A99</td><td class=\"sbody-td\">FDDCB7B6C662BD4C95CF304E7BE31474D617981A0BAA4E91CBC6E71B456712B3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB3070102-x86.msu</td><td class=\"sbody-td\">CB61CAB6649745B74719295C4AA949D84FA7DCBB</td><td class=\"sbody-td\">B68CE5E30E44F98ACE1FE2C4136DA9B8A3F498D6400EB54C9A5B047925094DFF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-ia64-DEU.exe</td><td class=\"sbody-td\">B9200A3FC99D6D3EAA2FDCE0FD12AE7E6DA7FAB8</td><td class=\"sbody-td\">9200E9CE5EB8F17480C125AB68C2001CCE7C3AA2FF2DAE2CEF977EF615071E1B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-ia64-ENU.exe</td><td class=\"sbody-td\">9AAE4830FCD702BDF7AEFEF2784381D2CBB19732</td><td class=\"sbody-td\">5A995024BFEAD1BC6A4044CC83DD758DEA5E7789CFBFE3B81FBA0033A83DCFCD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-ia64-FRA.exe</td><td class=\"sbody-td\">AE84DFEEA78686EB1EDE3E127B310089EEBC5A76</td><td class=\"sbody-td\">584C2F7B1A094628957A7E14F3A073EA0082A80D92872263FA5D7A7DE1B4C1E6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-ia64-JPN.exe</td><td class=\"sbody-td\">F23519B41654AE9F94C3C646672DA3BBA31066DB</td><td class=\"sbody-td\">6627EB07C96906A4C4F18C85E7122A1FB57604A277A1611F5BB3F17EC232BDFD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-CHS.exe</td><td class=\"sbody-td\">B7D5F75364BB00B6FB9C154909FB196D8A2B2798</td><td class=\"sbody-td\">3BD7FF8B22611EB0D800EBBDC73EBE7EF662B8C9BF2588B4621D204DDD4B5E9A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-CHT.exe</td><td class=\"sbody-td\">3446D6E08FAA46D79871A74D6CD64EF35B15E7B5</td><td class=\"sbody-td\">172A70E444CD31BBA886BE48B5E8ACE26E9321BB667175FEA078519EC87129CD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-DEU.exe</td><td class=\"sbody-td\">99579FCFDEB0D34F8F524FD05F67A05F317127FB</td><td class=\"sbody-td\">2E87CF924566DA32647CC60F39D0817AE80B113911847313A999621FC014899B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-ENU.exe</td><td class=\"sbody-td\">DB74FABC7F1F27D17F4875AA5CCBF86C69228E0C</td><td class=\"sbody-td\">8E14AF32FC79BBC4050AC40E5C7676D65D288F3B377F8D3C83F0B2BB9EA78A3F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-ESN.exe</td><td class=\"sbody-td\">74F138B20B5BB54F41614C71A3269CCE5336CD02</td><td class=\"sbody-td\">1732FDE5D45278DADD5EFC6BF122451F4453BA558132014D6FE39A60278E2BB6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-FRA.exe</td><td class=\"sbody-td\">8AF1399670271C1CA6030233D810B22F2647748C</td><td class=\"sbody-td\">9B7873B639A9E1A73A29084189BC91ED4CC0E03D490EAC3BA7A01E7F61A7B7F2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-ITA.exe</td><td class=\"sbody-td\">D8FEB4887F67D0B5CFB9E311D7BF798834A79F62</td><td class=\"sbody-td\">09BA23C5676C504AEA37466DE177230E55A7B1F9C70295F39035DB320C9195F8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-JPN.exe</td><td class=\"sbody-td\">D4884358B7A762194295BBE07E2FCF4938F50B44</td><td class=\"sbody-td\">6689B88AD8E67FFD2DD31C24E1651C9A7299A571AADB246ABA09C45BECCFE78B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-KOR.exe</td><td class=\"sbody-td\">5A3D463D02FACFF3F62B15DC4DFE1433C52BA39D</td><td class=\"sbody-td\">F78778F854CD1B251C723C77596FF22EBE85600EEE60A6FF14C12426A553A2A1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-PTB.exe</td><td class=\"sbody-td\">F2709A7CB563DE1F97E9D77F79D75E79E2E175A8</td><td class=\"sbody-td\">A73E5880D67CE2E2B5A9C32366C5FC68C9092B494FCB2F08D1093C640FDAD064</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x64-RUS.exe</td><td class=\"sbody-td\">86536FB175440DDD5B163EB4322DD5BD0F16A789</td><td class=\"sbody-td\">538287C0C238E09563CD50E00C557AF083E1910104508AA053D3B0C20A469D61</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-CHS.exe</td><td class=\"sbody-td\">A5D0468E63587B1F3E2C43A3FA606FE4B39465AE</td><td class=\"sbody-td\">B311D93A7EAD569EAAC2A25B33830444A4A300A7E0F08EFAACB31CB00696A3C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-CHT.exe</td><td class=\"sbody-td\">D9C7DCAFB1BC9642F19BB62A6062A3B639754737</td><td class=\"sbody-td\">EA458EE289E01E72B3EFEEEF96252BF3903E2D499E9F6968499EF6F795C065F9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-CSY.exe</td><td class=\"sbody-td\">5199DFF4A1FC6F61883AE565C0A2666352850153</td><td class=\"sbody-td\">D3740968E0E92A7D019DF2BD391E48150899E5BE615C15578040FB25A9F49DEF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-DEU.exe</td><td class=\"sbody-td\">7BA7114A8B4191A5E28FAD08C758325BD10BEE3E</td><td class=\"sbody-td\">F67DE60AFA4B7CB3638E0A6046E09FA7701700C8CEB3BC910DCD8993ACEBFDCF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-ENU.exe</td><td class=\"sbody-td\">F5780DF5BB5680184D429C0E2491CBAA59782EFF</td><td class=\"sbody-td\">A2BE93DF3A44D951850991FB9A6C66C32A248C6D14A5CE9B203A9448F3A74FB6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-ESN.exe</td><td class=\"sbody-td\">C93DC1B38597E7BC3522B9A316E257B98AFF75FE</td><td class=\"sbody-td\">4337C50E004E722FD53D85C12534E938C3F99D1F2FA07C0A17B67533EFBE0187</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-FRA.exe</td><td class=\"sbody-td\">A466CAE7D5D7E6E5ADFFE4EAA2773D3228531D7C</td><td class=\"sbody-td\">8393E2F3E721131962C4F2E4E8C815AA499ECE0A848B7C0E6F2BA3AB67DC7F5A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-HUN.exe</td><td class=\"sbody-td\">3EB86481EFE82339513AFEAE6448739422BCC785</td><td class=\"sbody-td\">86689B3323324DCDC4E16AB33C2C566CC8FF983CC65A8488B657EEF691500568</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-ITA.exe</td><td class=\"sbody-td\">BDE69641821391EBA9B478ABDA7DB3A2CE1DA843</td><td class=\"sbody-td\">B11C0389A2DDC92E4A3952345CBFD147E315D1BE8132B422C374C808B3BDE37E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-JPN.exe</td><td class=\"sbody-td\">DF0A1973210C8D00B331E436B60BDC3BF4BF720D</td><td class=\"sbody-td\">1A33605A72C32B4026CCB0A537454499367821A950E8293C4CC96A7F766AB624</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-KOR.exe</td><td class=\"sbody-td\">1ACED25FBD41ADDE7B93A0F9E50A7E7D4ED05BDD</td><td class=\"sbody-td\">A01A8728C21D5B248DB989DCB231B3BA351578669900EDEF54F912C81795254A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-NLD.exe</td><td class=\"sbody-td\">0E7CCBDE7F17EB9E6E6BF1913C39A0B2E7FD0CDA</td><td class=\"sbody-td\">E30B460876DA7CBBFD904F82FE2A3FD0CB0461B63D1BA069E55C8E1194A15940</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-PLK.exe</td><td class=\"sbody-td\">B2974D75FB4B346C0B77E697BE70B2F569A6CD19</td><td class=\"sbody-td\">2E5BD9C9A2CABF73EE42371C307AB94F5FA797AD9F58C8C39C07979EFD520391</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-PTB.exe</td><td class=\"sbody-td\">DBC961BBBA27F8197D4FA4805A1C049E741809F2</td><td class=\"sbody-td\">49F2FF2B267A03CCE796323995C87ED8197A76C4337A990E8C440E930EF432D9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-PTG.exe</td><td class=\"sbody-td\">B6C8DD636F507D5A55D63FABBDC172F4C2F6FB33</td><td class=\"sbody-td\">0706141DC9D2EBB4F3BF39219E5511F2379C37BC3909213F2CD44BFA27038F23</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-RUS.exe</td><td class=\"sbody-td\">1F2033D06D6E73CFD86F1B8257662D9D4AD2C3E8</td><td class=\"sbody-td\">3B54885E65E67916C46B1257E1F956C5A270700EDAE3E474BA21656CAAB7CCA9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-SVE.exe</td><td class=\"sbody-td\">0DC807E813576BF5B3826C496938C9FA52C71D8A</td><td class=\"sbody-td\">C1193D50FA325284E3E515774F3EC749747FB7A59D42031A0F9C6207EF5A9A61</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB3070102-x86-TRK.exe</td><td class=\"sbody-td\">3B1DFA452153E2A6819851248A1B04C2F209B033</td><td class=\"sbody-td\">8CED120C583CB3ECA3C5A5C0919AA4F936D206022CC8E06113603DC6965CA70D</td></tr></table></div></div><br/></span></div></div></div><a class=\"bookmark\" id=\"fileinfo\"></a><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File information<br/></span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"> <br/>The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.<br/><br/><br/><h3 class=\"sbody-h3\">Windows Server 2003 file information<br/></h3><div class=\"kb-collapsible kb-collapsible-collapsed\"><ul class=\"sbody-free_list\"><li>The files that apply to a specific milestone (SP<strong class=\"sbody-strong\">n</strong>) and service branch (QFE, GDR) are noted in the \"SP requirement\" and \"Service branch\" columns.</li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.</li><li>In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KB<strong class=\"sbody-strong\">number</strong>.cat) that is signed with a Microsoft digital signature.</li></ul><h4 class=\"sbody-h4\">For all supported x64-based versions of Windows Server 2003</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">5.2.3790.5667</td><td class=\"sbody-td\">4,662,784</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">04:48</td><td class=\"sbody-td\">x64</td></tr></table></div><h4 class=\"sbody-h4\">For all supported x86-based versions of Windows Server 2003</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">5.2.3790.5667</td><td class=\"sbody-td\">1,894,400</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">04:25</td><td class=\"sbody-td\">x86</td></tr></table></div><h4 class=\"sbody-h4\">For all supported IA-64-based versions of Windows Server 2003</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">5.2.3790.5667</td><td class=\"sbody-td\">5,688,832</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">04:48</td><td class=\"sbody-td\">IA-64</td></tr></table></div><h3 class=\"sbody-h3\">Windows Vista and Windows Server 2008 file information<br/></h3><div class=\"kb-collapsible kb-collapsible-collapsed\"><ul class=\"sbody-free_list\"><li>The files that apply to a specific product, milestone (SP<strong class=\"sbody-strong\">n</strong>), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:<br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\"><span class=\"text-base\">Version</span></th><th class=\"sbody-th\"><span class=\"text-base\">Product</span></th><th class=\"sbody-th\"><span class=\"text-base\">Milestone</span></th><th class=\"sbody-th\"><span class=\"text-base\">Service branch</span></th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.0.600<span class=\"text-base\">2</span>.<span class=\"text-base\">18</span><strong class=\"sbody-strong\">xxx</strong></td><td class=\"sbody-td\">Windows Vista SP2 and Windows Server 2008 SP2</td><td class=\"sbody-td\">SP2</td><td class=\"sbody-td\">GDR</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.0.600<span class=\"text-base\">2</span>.<span class=\"text-base\">23</span><strong class=\"sbody-strong\">xxx</strong></td><td class=\"sbody-td\">Windows Vista SP2 and Windows Server 2008 SP2</td><td class=\"sbody-td\">SP2</td><td class=\"sbody-td\">LDR</td></tr></table></div></li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.</li></ul><span class=\"text-base\">Note</span> The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.<br/><br/><h4 class=\"sbody-h4\">For all supported x86-based versions of Windows Vista and Windows Server 2008</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.0.6002.19429</td><td class=\"sbody-td\">2,066,432</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">02:57</td><td class=\"sbody-td\">x86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.0.6002.23735</td><td class=\"sbody-td\">2,074,624</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">02:55</td><td class=\"sbody-td\">x86</td></tr></table></div><h4 class=\"sbody-h4\">For all supported x64-based versions of Windows Vista and Windows Server 2008</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.0.6002.19429</td><td class=\"sbody-td\">2,796,032</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">03:09</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.0.6002.23735</td><td class=\"sbody-td\">2,798,592</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">03:26</td><td class=\"sbody-td\">x64</td></tr></table></div><h4 class=\"sbody-h4\">For all supported IA-64-based versions of Windows Server 2008</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.0.6002.19429</td><td class=\"sbody-td\">6,707,712</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">02:59</td><td class=\"sbody-td\">IA-64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.0.6002.23735</td><td class=\"sbody-td\">6,717,952</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">02:57</td><td class=\"sbody-td\">IA-64</td></tr></table></div><h3 class=\"sbody-h3\">Windows 7 and Windows Server 2008 R2 file information<br/></h3><div class=\"kb-collapsible kb-collapsible-collapsed\"><ul class=\"sbody-free_list\"><li>The files that apply to a specific product, milestone (RTM, SP<strong class=\"sbody-strong\">n</strong>), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table: <br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\"><span class=\"text-base\">Version</span></th><th class=\"sbody-th\"><span class=\"text-base\">Product</span></th><th class=\"sbody-th\"><span class=\"text-base\">Milestone</span></th><th class=\"sbody-th\"><span class=\"text-base\">Service branch</span></th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.1.760<span class=\"text-base\">1</span>.<span class=\"text-base\">18</span>xxx</td><td class=\"sbody-td\">Windows 7 and Windows Server 2008 R2</td><td class=\"sbody-td\">SP1</td><td class=\"sbody-td\">GDR</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.1.760<span class=\"text-base\">1</span>.<span class=\"text-base\">22</span>xxx</td><td class=\"sbody-td\">Windows 7 and Windows Server 2008 R2</td><td class=\"sbody-td\">SP1</td><td class=\"sbody-td\">LDR</td></tr></table></div></li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.</li></ul><span class=\"text-base\">Note</span> The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.<br/><br/><h4 class=\"sbody-h4\">For all supported x86-based versions of Windows 7</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.1.7601.18906</td><td class=\"sbody-td\">2,383,872</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">08:46</td><td class=\"sbody-td\">x86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.1.7601.23109</td><td class=\"sbody-td\">2,392,576</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">08:29</td><td class=\"sbody-td\">x86</td></tr></table></div><h4 class=\"sbody-h4\">For all supported x64-based versions of Windows 7 and Windows Server 2008 R2</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.1.7601.18906</td><td class=\"sbody-td\">3,207,168</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">08:57</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.1.7601.23109</td><td class=\"sbody-td\">3,210,240</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">08:49</td><td class=\"sbody-td\">x64</td></tr></table></div><h4 class=\"sbody-h4\">For all supported IA-64-based versions of Windows Server 2008 R2</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.1.7601.18906</td><td class=\"sbody-td\">7,505,920</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">08:17</td><td class=\"sbody-td\">IA-64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.1.7601.23109</td><td class=\"sbody-td\">7,513,088</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">08:06</td><td class=\"sbody-td\">IA-64</td></tr></table></div><h3 class=\"sbody-h3\">Windows 8 and Windows Server 2012 file information<br/></h3><div class=\"kb-collapsible kb-collapsible-collapsed\"><ul class=\"sbody-free_list\"><li>The files that apply to a specific product, milestone (RTM,SP<strong class=\"sbody-strong\">n</strong>), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:<br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\"><span class=\"text-base\">Version</span></th><th class=\"sbody-th\"><span class=\"text-base\">Product</span></th><th class=\"sbody-th\"><span class=\"text-base\">Milestone</span></th><th class=\"sbody-th\"><span class=\"text-base\">Service branch</span></th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.2.920 <span class=\"text-base\">0.16</span> xxx</td><td class=\"sbody-td\">Windows 8 and Windows Server 2012</td><td class=\"sbody-td\">RTM</td><td class=\"sbody-td\">GDR</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.2.920 <span class=\"text-base\">0.20</span> xxx</td><td class=\"sbody-td\">Windows 8 and Windows Server 2012</td><td class=\"sbody-td\">RTM</td><td class=\"sbody-td\">LDR</td></tr></table></div></li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.</li></ul><span class=\"text-base\">Note</span> The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.<br/><br/><h4 class=\"sbody-h4\">For all supported x86-based versions of Windows 8</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,172</td><td class=\"sbody-td\">11-Oct-2012</td><td class=\"sbody-td\">00:38</td><td class=\"sbody-td\">Not applicable</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.2.9200.17419</td><td class=\"sbody-td\">3,391,488</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">01:53</td><td class=\"sbody-td\">x86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,172</td><td class=\"sbody-td\">25-Jul-2012</td><td class=\"sbody-td\">20:33</td><td class=\"sbody-td\">Not applicable</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.2.9200.21528</td><td class=\"sbody-td\">3,378,688</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">01:59</td><td class=\"sbody-td\">x86</td></tr></table></div><h4 class=\"sbody-h4\">For all supported x64-based versions of Windows 8 and Windows Server 2012</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,172</td><td class=\"sbody-td\">11-Oct-2012</td><td class=\"sbody-td\">00:37</td><td class=\"sbody-td\">Not applicable</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.2.9200.17419</td><td class=\"sbody-td\">4,064,768</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">01:54</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,172</td><td class=\"sbody-td\">25-Jul-2012</td><td class=\"sbody-td\">20:29</td><td class=\"sbody-td\">Not applicable</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.2.9200.21528</td><td class=\"sbody-td\">4,062,208</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">01:58</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Wow64_win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,172</td><td class=\"sbody-td\">12-Feb-2013</td><td class=\"sbody-td\">00:14</td><td class=\"sbody-td\">Not applicable</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Wow64_win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,172</td><td class=\"sbody-td\">12-Feb-2013</td><td class=\"sbody-td\">00:09</td><td class=\"sbody-td\">Not applicable</td></tr></table></div><h3 class=\"sbody-h3\">Windows 8.1 and Windows Server 2012 R2 file information<br/></h3><div class=\"kb-collapsible kb-collapsible-collapsed\"><ul class=\"sbody-free_list\"><li>The files that apply to a specific product, milestone (RTM,SP<strong class=\"sbody-strong\">n</strong>), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:<br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\"><span class=\"text-base\">Version</span></th><th class=\"sbody-th\"><span class=\"text-base\">Product</span></th><th class=\"sbody-th\"><span class=\"text-base\">Milestone</span></th><th class=\"sbody-th\"><span class=\"text-base\">Service branch</span></th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.3.920 <span class=\"text-base\">0.16</span> xxx</td><td class=\"sbody-td\">Windows 8.1 and Windows Server 2012 R2</td><td class=\"sbody-td\">RTM</td><td class=\"sbody-td\">GDR</td></tr></table></div></li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.</li></ul><span class=\"text-base\">Note</span> The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.<br/><br/><br/><h4 class=\"sbody-h4\">For all supported x86-based versions of Windows 8.1</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,213</td><td class=\"sbody-td\">21-Aug-2013</td><td class=\"sbody-td\">23:39</td><td class=\"sbody-td\">Not applicable</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.3.9600.17915</td><td class=\"sbody-td\">3,531,776</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">02:29</td><td class=\"sbody-td\">x86</td></tr></table></div><h4 class=\"sbody-h4\">For all supported x64-based versions of Windows 8.1 and Windows Server 2012 R2</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,213</td><td class=\"sbody-td\">22-Aug-2013</td><td class=\"sbody-td\">06:44</td><td class=\"sbody-td\">Not applicable</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Win32k.sys</td><td class=\"sbody-td\">6.3.9600.17915</td><td class=\"sbody-td\">4,177,920</td><td class=\"sbody-td\">25-Jun-2015</td><td class=\"sbody-td\">02:31</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Wow64_win32k.ptxml</td><td class=\"sbody-td\">Not applicable</td><td class=\"sbody-td\">4,213</td><td class=\"sbody-td\">21-Aug-2013</td><td class=\"sbody-td\">23:39</td><td class=\"sbody-td\">Not applicable</td></tr></table></div></div><br/></div></div></div></div></div></span></div></div></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">How to obtain help and support for this security update</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">Help for installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-18\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href=\"https://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-19\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help for protecting your Windows-based computer from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-20\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-21\" target=\"_self\">International Support</a></div><br/></span></div></div></div></div></body></html>", "modified": "2015-07-14T17:16:52", "id": "KB3070102", "href": "https://support.microsoft.com/en-us/help/3070102/", "published": "2017-01-07T22:25:30", "title": "MS15-073: Vulnerabilities in Windows kernel-mode driver could allow elevation of privilege: July 14, 2015", "type": "mskb", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-02-21T01:24:34", "bulletinFamily": "scanner", "description": "The remote Windows host is affected by multiple vulnerabilities :\n\n - Multiple privilege escalation vulnerabilities exist in the Windows kernel-mode driver due to improper handling of objects in memory. A local attacker can exploit these vulnerabilities, with a specially crafted application, to elevate privileges to full administrative rights.\n (CVE-2015-2363, CVE-2015-2365, CVE-2015-2366)\n\n - An information disclosure vulnerability exists in the Windows kernel-mode driver due to improper handling of non-initialized values in memory. An attacker can exploit this vulnerability, with a specially crafted application, to leak memory addresses or other sensitive kernel information that can be used for further exploitation of the system. (CVE-2015-2367)\n\n - An information disclosure vulnerability exists in the Windows kernel-mode driver due to improper handling of private address information during a function call. An attacker can exploit this vulnerability, with a specially crafted application, to request the contents of specific memory addresses. (CVE-2015-2381, CVE-2015-2382)", "modified": "2018-11-15T00:00:00", "id": "SMB_NT_MS15-073.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84747", "published": "2015-07-14T00:00:00", "title": "MS15-073: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84747);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\n \"CVE-2015-2363\",\n \"CVE-2015-2365\",\n \"CVE-2015-2366\",\n \"CVE-2015-2367\",\n \"CVE-2015-2381\",\n \"CVE-2015-2382\"\n );\n #script_bugtraq_id();\n script_xref(name:\"MSFT\", value:\"MS15-073\");\n script_xref(name:\"MSKB\", value:\"3070102\");\n script_xref(name:\"IAVA\", value:\"2015-A-0162\");\n\n script_name(english:\"MS15-073: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102)\");\n script_summary(english:\"Checks the file version of Win32k.sys.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is affected by multiple vulnerabilities :\n\n - Multiple privilege escalation vulnerabilities exist in\n the Windows kernel-mode driver due to improper handling\n of objects in memory. A local attacker can exploit these\n vulnerabilities, with a specially crafted application,\n to elevate privileges to full administrative rights.\n (CVE-2015-2363, CVE-2015-2365, CVE-2015-2366)\n\n - An information disclosure vulnerability exists in the\n Windows kernel-mode driver due to improper handling of\n non-initialized values in memory. An attacker can\n exploit this vulnerability, with a specially crafted\n application, to leak memory addresses or other sensitive\n kernel information that can be used for further\n exploitation of the system. (CVE-2015-2367)\n\n - An information disclosure vulnerability exists in the\n Windows kernel-mode driver due to improper handling of\n private address information during a function call. An\n attacker can exploit this vulnerability, with a\n specially crafted application, to request the contents\n of specific memory addresses. (CVE-2015-2381,\n CVE-2015-2382)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-073\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Windows 2003, Vista, 2008,\n7, 2008 R2, 8, RT, 2012, 8.1, RT 8.1, and 2012 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS15-073';\nkb = '3070102';\n\nkbs = make_list(kb);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win2003:'2', vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n# Some of the 2k3 checks could flag XP 64, which is unsupported\nif (\"Windows XP\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"Win32k.sys\", version:\"6.3.9600.17915\", min_version:\"6.3.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 8 / Windows Server 2012\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"Win32k.sys\", version:\"6.2.9200.21528\", min_version:\"6.2.9200.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"Win32k.sys\", version:\"6.2.9200.17419\", min_version:\"6.2.9200.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 7 / Server 2008 R2\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Win32k.sys\", version:\"6.1.7601.23109\", min_version:\"6.1.7601.22000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Win32k.sys\", version:\"6.1.7601.18906\", min_version:\"6.1.7600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Vista / Windows Server 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Win32k.sys\", version:\"6.0.6002.23735\", min_version:\"6.0.6002.23000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Win32k.sys\", version:\"6.0.6002.19429\", min_version:\"6.0.6001.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows Server 2003\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Win32k.sys\", version:\"5.2.3790.5667\", dir:\"\\system32\", bulletin:bulletin, kb:kb)\n)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2019-03-21T00:15:04", "bulletinFamily": "info", "description": "### *Detect date*:\n07/14/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code or obtain sensitive information.\n\n### *Affected products*:\nMicrosoft Windows Server 2003 Service Pack 2 \nMicrosoft Windows Server 2003 R2 Service Pack 2 \nWindows Vista x86, x64 Service Pack 2 \nMicrosoft Windows 7 x86, x64 Service Pack 1 \nMicrosoft Windows Server 2008 x64 Service Pack 1 \nMicrosoft Windows Server 2008 R2 x64 Service Pack 1 \nMicrosoft Windows 8 x86, x64 \nMicrosoft Windows 8.1 x86, x64 \nMicrosoft Windows Server 2012 \nMicrosoft Windows Server 2012 R2 \nMicrosoft Windows RT 8.1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2015-2416](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2416>) \n[CVE-2015-2364](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2364>) \n[CVE-2015-2371](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2371>) \n[CVE-2015-2417](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2417>) \n[CVE-2015-2363](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2363>) \n[CVE-2015-2373](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2373>) \n[CVE-2015-2387](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2387>) \n[CVE-2015-2382](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2382>) \n[CVE-2015-2361](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2361>) \n[CVE-2015-2370](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2370>) \n[CVE-2015-2366](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2366>) \n[CVE-2015-2367](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2367>) \n[CVE-2015-2368](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2368>) \n[CVE-2015-2369](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2369>) \n[CVE-2015-2362](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2362>) \n[CVE-2015-2374](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2374>) \n[CVE-2015-2381](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2381>) \n[CVE-2015-2365](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2365>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows Vista](<https://threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/>)\n\n### *CVE-IDS*:\n[CVE-2015-2416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2416>)5.0Critical \n[CVE-2015-2364](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2364>)7.2Critical \n[CVE-2015-2371](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2371>)6.9Critical \n[CVE-2015-2417](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2417>)5.0Critical \n[CVE-2015-2363](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2363>)7.2Critical \n[CVE-2015-2373](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2373>)10.0Critical \n[CVE-2015-2387](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2387>)7.2Critical \n[CVE-2015-2382](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2382>)2.1Critical \n[CVE-2015-2361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2361>)7.2Critical \n[CVE-2015-2370](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2370>)7.2Critical \n[CVE-2015-2366](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2366>)7.2Critical \n[CVE-2015-2367](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2367>)2.1Critical \n[CVE-2015-2368](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2368>)6.9Critical \n[CVE-2015-2369](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2369>)6.9Critical \n[CVE-2015-2362](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2362>)7.2Critical \n[CVE-2015-2374](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2374>)3.3Critical \n[CVE-2015-2381](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2381>)2.1Critical \n[CVE-2015-2365](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2365>)7.2Critical\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[3072631](<http://support.microsoft.com/kb/3072631>) \n[3068457](<http://support.microsoft.com/kb/3068457>) \n[3046339](<http://support.microsoft.com/kb/3046339>) \n[3069392](<http://support.microsoft.com/kb/3069392>) \n[3072630](<http://support.microsoft.com/kb/3072630>) \n[3067505](<http://support.microsoft.com/kb/3067505>) \n[3073094](<http://support.microsoft.com/kb/3073094>) \n[3077657](<http://support.microsoft.com/kb/3077657>) \n[3067904](<http://support.microsoft.com/kb/3067904>) \n[3072000](<http://support.microsoft.com/kb/3072000>) \n[3046359](<http://support.microsoft.com/kb/3046359>) \n[3061512](<http://support.microsoft.com/kb/3061512>) \n[3069762](<http://support.microsoft.com/kb/3069762>) \n[3072633](<http://support.microsoft.com/kb/3072633>) \n[3067903](<http://support.microsoft.com/kb/3067903>) \n[3070738](<http://support.microsoft.com/kb/3070738>) \n[3070102](<http://support.microsoft.com/kb/3070102>)", "modified": "2019-03-07T00:00:00", "published": "2015-07-14T00:00:00", "id": "KLA10631", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10631", "title": "\r KLA10631Multiple vulnerabilities in Microsoft Windows ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:01", "bulletinFamily": "software", "description": "Internet Explorer and VBScript multiple security vulnerabilities, RDP code execution, Hyper-V code execution, multiple privilege escalations.", "modified": "2015-07-19T00:00:00", "published": "2015-07-19T00:00:00", "id": "SECURITYVULNS:VULN:14594", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14594", "title": "Microsoft Windows multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}