<< Back
CVE Number Vulnerability Product Severity Date
MS15-069 Vulnerabilities in Windows Could Allow Remote Code Execution (3072631) Windows Server Important 15-07-2015

Technical Information

Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow Remote Code Execution if an attacker first places a specially crafted dynamic link library (DLL) file in the target userÆs current working directory and then convinces the user to open an RTF file or to launch a program that is designed to load a trusted DLL file but instead loads the attackerÆs specially crafted DLL file. An attacker who successfully exploited the vulnerabilities could take complete control of an affected system.

Detailed Information on the risk:

A remote code execution vulnerability exists when Microsoft Windows improperly handles the loading of dynamic link library (DLL) files. An attacker who successfully exploited the vulnerability could take complete control of an affected system.


To exploit the vulnerability, an attacker would first have to place a specially crafted DLL file in the target userÆs current working directory and then convince the user to launch a program that is designed to load a trusted DLL file but instead loads the attackerÆs specially crafted DLL file. The update addresses the vulnerability by correcting how Windows handles the loading of certain DLL files.


Further information on this exploit is available at : MS15-069

Windows Server 2003 Service Pack 2 
Windows Server 2003 x64 Edition Service Pack 2 
Windows Vista Service Pack 2 
Windows Vista x64 Edition Service Pack 2 
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 
Windows 7 for 32-bit Systems Service Pack 1 
Windows 7 for x64-based Systems Service Pack 1 
Windows Server 2008 R2 for x64-based Systems Service Pack 1 
Windows 8.1 for 32-bit Systems 
Windows 8.1 for x64-based Systems 
Windows Server 2012 R2 
Windows RT 8.1

Affected Software

Windows Server 2003 Service Pack 2 
Windows Server 2003 x64 Edition Service Pack 2 
Windows Vista Service Pack 2 
Windows Vista x64 Edition Service Pack 2 
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 
Windows 7 for 32-bit Systems Service Pack 1 
Windows 7 for x64-based Systems Service Pack 1 
Windows Server 2008 R2 for x64-based Systems Service Pack 1 
Windows 8.1 for 32-bit Systems 
Windows 8.1 for x64-based Systems 
Windows Server 2012 R2 
Windows RT 8.1