MS15-030: Vulnerability in Remote Desktop protocol could allow denial of service: March 10, 2015

<html><body><p>Resolves a vulnerability in Microsoft Windows that could allow denial of service if an attacker creates multiple RDP sessions which fail to properly free objects in memory. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.</p><h2>Summary</h2><div>This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker creates multiple RDP sessions which fail to properly free objects in memory. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.</div><h2>Introduction</h2><div>Microsoft has released security bulletin MS15-030. To learn more about this security bulletin:<br /><ul><li>Home users:<br /><div><a href=“https://www.microsoft.com/security/pc-security/updates.aspx” target=“_self”>https://www.microsoft.com/security/pc-security/updates.aspx</a></div><span>Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br /><div><a href=“https://update.microsoft.com/microsoftupdate/” target=“_self”>https://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br /><div><a href=“https://technet.microsoft.com/library/security/ms15-030” target=“_self”>https://technet.microsoft.com/library/security/MS15-030</a></div></li></ul><h3>How to obtain help and support for this security update</h3>Help installing updates:<br /><a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals:<br /><a href=“https://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your Windows-based computer from viruses and malware:<br /><a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country:<br /><a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a><br /><br /></div><h2>More Information</h2><div><h3>Known issues and additional information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.<br /><ul><li><div><a href=“https://support.microsoft.com/en-us/help/3036493”>3036493 </a> MS15-030: Description of the security update for Remote Desktop protocol: March 10, 2015</div>Known issues in security update 3036493:<br /><ul><li>If you uninstall this security update, you may have to restart the computer two times. <br /><br /><br /><br /><br /><span>Note </span>We do not recommend that you uninstall any security update. <br /><br /> </li></ul></li><li><div><a href=“https://support.microsoft.com/en-us/help/3035017”>3035017 </a> MS15-030: Description of the security update for Remote Desktop protocol: March 10, 2015</div></li></ul><div><div><div><span><span></span></span><span><span>Security update deployment information</span></span></div><div><span><div><h4>Windows 7 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported 32-bit editions of Windows 7:<br /><span>Windows6.1-KB3035017-x86.msu<br />Windows6.1-KB3036493-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows 7:<br /><span>Windows6.1-KB3035017-x64.msu<br />Windows6.1-KB3036493-x64.msu</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>Yes, you must restart your system after you apply this security update.</td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click <span>Control Panel</span>, click <span>System and Security</span>, and under <strong>Windows Update</strong>, click <span>View installed updates</span>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See the <a href=“https://support.microsoft.com/help/3039976#fileinfo” target=“_self”>file information</a> section.</td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4>Windows 8 and Windows 8.1 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported 32-bit editions of Windows 8:<br /><span>Windows8-RT-KB3035017-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows 8:<br /><span>Windows8-RT-KB3035017-x64.msu</span></td></tr><tr><td></td><td>For all supported 32-bit editions of Windows 8.1:<br /><span>Windows8.1-KB3035017-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows 8.1:<br /><span>Windows8.1-KB3035017-x64.msu</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>Yes, you must restart your system after you apply this security update.</td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click <span>Control Panel</span>, click <span>System and Security</span>, click <span>Windows Update</span>, and under <strong>See also</strong>, click <span>Installed updates</span>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See the <a href=“https://support.microsoft.com/help/3039976#fileinfo” target=“_self”>file information</a> section.</td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4>Windows Server 2012 and Windows Server 2012 R2 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported editions of Windows Server 2012:<br /><span>Windows8-RT-KB3035017-x64.msu</span></td></tr><tr><td></td><td>For all supported editions of Windows Server 2012 R2:<br /><span>Windows8.1-KB3035017-x64.msu</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>Yes, you must restart your system after you apply this security update.</td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update that is installed by WUSA, use the /Uninstall setup switch. Or, click <span>Control Panel</span>, click <span>System and Security</span>, click <span>Windows Update</span>, and under <strong>See also</strong>, click <span>Installed updates</span>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See the <a href=“https://support.microsoft.com/help/3039976#fileinfo” target=“_self”>file information</a> section.</td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div></div><br /></span></div></div></div><a></a></div><h2>File information</h2><div><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>Windows6.1-KB3035017-x64.msu</td><td>55C640C841C40159D46C023E72E2442B36A6A88B</td><td>FB64CACE6EBE45E4625C4D67A00FE2C2BDC3E1297817069EF53902D30336CC53</td></tr><tr><td>Windows6.1-KB3036493-x86.msu</td><td>8A2DFDA55272F2E7119A3002698196FAC447C35D</td><td>C3CCB76804547EB7E8B82F93E20BB0AB451456328E3D93117A291DE80AC852B3</td></tr><tr><td>Windows8-RT-KB3035017-x64.msu</td><td>A998FAB5E4787685EFA0D9E9E229F69AF1CB31DB</td><td>096E51B2DD34C9F00E50621F6FC504D2D8B1B47FBA29FE52C7AF164638D1B4D0</td></tr><tr><td>Windows8-RT-KB3035017-x86.msu</td><td>D994A15A1349322AC6BA6A6F49C84326CD5FD43F</td><td>F271914531FB227D65D21394FB0F0F7C8C2EE7259A542EEC0DAE8393E29D0717</td></tr><tr><td>Windows8.1-KB3035017-x64.msu</td><td>DAE9021A026562976104A170EA810E1A55980233</td><td>3254ECB3959433AEEA762C080FDEDE98FA2B6C8C1462E14AFD5C2D74C2C6865D</td></tr><tr><td>Windows6.1-KB3035017-x86.msu</td><td>E31388FAF790F0077FF536CB22FB6000C7E4B6BA</td><td>36840EB3B1F37BDB6EFB2A27C814B8E41A1C46196F3A508B6C3B3B68C480343D</td></tr><tr><td>Windows8.1-KB3035017-x86.msu</td><td>E8B8F45192A2336610C520AD3F89EC3A3F235ACD</td><td>2E6CA0E2829D289D0B45C89663B793181B44CB127FB57B37831C620F6791099B</td></tr><tr><td>Windows6.1-KB3036493-x64.msu</td><td>FC312F6BC2A8B9F5E15BBB2F4782BAD387688DC6</td><td>3A5426110B49B2904C98810329872A5BCA50938980D1F3930F2F99D0F2BDC98E</td></tr></table></div></div><br /></span></div></div></div></div></body></html>