Description of the security update for the Windows elevation of privilege vulnerability in Windows Server 2008: July 10, 2018

Summary

An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape.

To learn more about the vulnerability, go to CVE-2018-8314.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.ImportantIf you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

More Information

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:Security update deployment information: July 10, 2018File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

**Note:**The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

Windows Server 2008 file information

File hash information

File name	SHA1 hash	SHA256 hash
Windows6.0-KB4339503-x86.msu	4D8674F0824454635D3C4656BF58741EED23F177	C90E66412E2F3EF6A13723973159823B1CF1FA6BD54BD29C94BE6C0685C9F296
Windows6.0-KB4339503-ia64.msu	F64DD3C48145AC9CCCC8C441186207DEDF8625ED	F519EB18B8886148D84960947C36236328616945F307577211E3425BD6A0631A
Windows6.0-KB4339503-x64.msu	3BB3B2A98B2B838FCEE445C0AA95D1FF25E52EF3	431C0774854C6442B2230CF688DD427D5C352C9CE28B8B40A6E6C18A9B26F52E

For all supported x86-based versions

File name	File version	File size	Date	Time	Platform
Browseui.dll	6.0.6002.24414	1,324,544	11-Jun-2018	14:58	x86
Shell32.dll	6.0.6002.24414	11,591,168	11-Jun-2018	14:58	x86

For all supported ia64-based versions

File name	File version	File size	Date	Time	Platform
Browseui.dll	6.0.6002.24414	3,176,960	11-Jun-2018	14:33	IA-64
Shell32.dll	6.0.6002.24414	19,099,648	11-Jun-2018	14:33	IA-64
Shell32.dll	6.0.6002.24414	11,591,168	11-Jun-2018	14:58	x86
Browseui.dll	6.0.6002.24414	1,324,544	11-Jun-2018	14:58	x86

For all supported x64-based versions

File name	File version	File size	Date	Time	Platform
Browseui.dll	6.0.6002.24414	1,650,688	12-Jun-2018	02:26	x64
Shell32.dll	6.0.6002.24414	12,908,032	12-Jun-2018	02:26	x64
Shell32.dll	6.0.6002.24414	11,591,168	11-Jun-2018	14:58	x86
Browseui.dll	6.0.6002.24414	1,324,544	11-Jun-2018	14:58	x86