Original release date: February 10, 2015
Microsoft has released Security Bulletin MS15-011 to address a critical vulnerability in Windows. Exploitation of this vulnerability could allow a remote attacker to take complete control of an affected system.
This security update contains a new policy feature (UNC Hardened Access) which is not enabled by default. To enable this feature, a system administrator must deploy the update, then apply the Group Policy settings described in the bulletin. For complete protection against this vulnerability, system reboots are required. Other than the update and configuration instructions contained in the Security Bulletin, there are no known workarounds or mitigations for this vulnerability. Updates are not available for Windows XP, Windows Server 2003, or Windows 2000.
US-CERT strongly recommends administrators prioritize the application of the patch, and concurrently review and test the necessary configuration changes discussed in the associated Knowledge Base article (KB3000483).
This product is provided subject to this Notification and this Privacy & Use policy.