Description

This security update resolves privately reported vulnerabilities in Windows. The most severe effect of the vulnerabilities is elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. An attacker who has successfully exploited the vulnerabilities could run arbitrary code in the security context of the account of another user who is logged on to the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. To learn more about the vulnerabilities, see [Microsoft Security Bulletin MS15-025](https://technet.microsoft.com/library/security/ms15-025). This package requires Service Pack 1 for Windows 7 or Windows Server 2008 R2 to be installed first. The [KB976932 package](https://chocolatey.org/packages/KB976932) may be used to install it. On Windows Vista or Windows Server 2008, Service Pack 2 is required. On systems later than Windows 8.1 or Windows Server 2012 R2, this package installs successfully, but does nothing. This update is recommended to install before installing KB3033929 on Windows 7 or Windows Server 2008 R2.

Vulnerabilities

No vulnerabilities detected

Did you Know?

DevAudit is a free open source tool that makes it easy to find vulnerabilities in Chocolatey components. You can use it to scan anytime, or include it as part of your CI/CD pipeline so you never miss a vulnerability.

Scan a Chocolatey project

The Nexus Vulnerability Scanner audits projects for OSS risk and gives you a full software bill of materials (SBOM) using premium data from the Nexus Platform, our enterprise suite of products.

Scan your application today

Sign up and see:

Detailed component information including:
  • Version history
  • Declared licenses
  • Vulnerability details
Sign Up