MS14-039: Vulnerability in the on-screen keyboard could allow elevation of privilege: July 8, 2014

<html><body><p>Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker uses a vulnerability in a low-integrity process to execute the on-screen keyboard (OSK) and upload a specially crafted program to the target system.</p><h2>INTRODUCTION</h2><div>Microsoft has released security bulletin MS14-039. To learn more about this security bulletin: <br /><ul><li>Home users:<br /><div><a href=“https://www.microsoft.com/security/pc-security/updates.aspx” target=“_self”>https://www.microsoft.com/security/pc-security/updates.aspx</a></div><span>Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br /><div><a href=“https://update.microsoft.com/microsoftupdate/” target=“_self”>https://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br /><div><a href=“https://technet.microsoft.com/library/security/ms14-039” target=“_self”>https://technet.microsoft.com/library/security/MS14-039</a></div></li></ul><h3>How to obtain help and support for this security update</h3>Help installing updates:<br /><a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals:<br /><a href=“https://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your Windows-based computer Windows from viruses and malware:<br /><a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country:<br /><a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a><br /><br /></div><h2>More Information</h2><div><h3>Known issues and additional information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link. <ul><li><div><a href=“https://support.microsoft.com/en-us/help/2973201”>2973201 </a> MS14-039: Description of the security update for Windows on-screen keyboard: July 8, 2014</div></li><li><div><a href=“https://support.microsoft.com/en-us/help/2973906”>2973906 </a> MS14-039: Description of the security update for Windows on-screen keyboard for systems that do not have the 2919355 update installed: July 8, 201</div></li></ul></div><h2>FILE INFORMATION</h2><div>The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.<br /><br /> <br /><br /><br /><div><div><div><span><span></span></span><span><span>File hash information<br /></span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>Windows6.0-KB2973201-ia64.msu</td><td>6DC5A309D9B4E649E409C79BDD44EE2E2A7B405B</td><td>F54B244CFB4DBFB2A018BA330609C0B5AD3D46456F74208A9FCF744F5DD4A11D</td></tr><tr><td>Windows6.0-KB2973201-x64.msu</td><td>883481A80A5BA87398C91F3A54C960FCC5E05D14</td><td>7F7568D07892854D88E70CBF61260D5045DBFDDDD631E6BB06EBE1EB016AAEEE</td></tr><tr><td>Windows6.0-KB2973201-x86.msu</td><td>FCCA496ED099C0F60630C707799CAB08A6D7C554</td><td>2DED9E451FE46EC12BAAF745793DEB092DB3815E0C3D905E915172545EBD02B6</td></tr><tr><td>Windows6.1-KB2973201-ia64.msu</td><td>A2E5808CCBD6D11CF3D3B451893ABE4967C26226</td><td>C31CC02DB815EF3265C58F291523E2F01ECD2BB334CD99DA82965B764BA958CB</td></tr><tr><td>Windows6.1-KB2973201-x64.msu</td><td>15CD6F4D6651B3AFEFA3C000263B8F4B8532F79F</td><td>F0963738439B9F3F55B59E68400EE6AD54790AC8850B36C01845C603170FEFBB</td></tr><tr><td>Windows6.1-KB2973201-x86.msu</td><td>F9BCD5CA097AD978ED5CA19E3CF3556E0B381882</td><td>A2D407BB563B65645E55A3815AA540EA47C5157E88ED3DE4F21C9058CFF39246</td></tr><tr><td>Windows8-RT-KB2973201-x64.msu</td><td>B8585599F803C130E8165C82DAD0F76821A3FF7E</td><td>4ECB9C667F3B372B0CA8F66D148C32C6B57BABAB42516A8DA0C9DEBD4975EF4B</td></tr><tr><td>Windows8-RT-KB2973201-x86.msu</td><td>929461DD2F90ADEA56392609D3F02DC20167DAF2</td><td>5AA898AD876D85D6FE3D403B6829048E876D719E9E23B087EFFC1F9C154DEC8F</td></tr><tr><td>Windows8.1-KB2973201-x64.msu</td><td>798C1D19F55C104E05BC2F18D0E54C322D8B89D0</td><td>CE41D43BE05665FEEB9EBFB6260F7A23AF71AA90C39334BBEA879FF783BD8E97</td></tr><tr><td>Windows8.1-KB2973201-x86.msu</td><td>98441CD6D911436404EF4E4593968FC8364165E6</td><td>27D39913656915F9022290E280F13E553C41900F706CBAAC03BFB64D83422381</td></tr><tr><td>Windows8.1-KB2973906-x64.msu</td><td>1B1AA9A23E10AE819660F42AE198AF70337CAA7C</td><td>50EE11137EAD052C1678444C97B86FD0B357D9B6AD5D608C3B38751DDE01BCF1</td></tr><tr><td>Windows8.1-KB2973906-x86.msu</td><td>4AF6D0A81AD709B6B72F017EA492629D26985027</td><td>EBCA0F7424D50EA887D7DCD5BD6668371A1E60CFEC4345D6289C6B07680A5F67</td></tr></table></div></div><br /></span></div></div></div></div></body></html>