9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.01 Low
EPSS
Percentile
84.0%
<html><body><p>Resolves a vulnerability in Microsoft Silverlight that could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system.</p><h2>Summary</h2><div>This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system. To exploit the vulnerability, an attacker would first have to log on to the system or convince a user who is logged on to execute the specially crafted application. </div><h2>Introduction</h2><div>Microsoft has released security bulletin MS15-049. To learn more about this security bulletin:<br /><ul><li>Home users:<br /><div><a href=āhttps://www.microsoft.com/security/pc-security/updates.aspxā target=ā_selfā>https://www.microsoft.com/security/pc-security/updates.aspx</a></div><span>Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br /><div><a href=āhttps://www.update.microsoft.com/microsoftupdate/ā target=ā_selfā>https://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br /><div><a href=āhttps://technet.microsoft.com/library/security/ms15-049ā target=ā_selfā>https://technet.microsoft.com/library/security/MS15-049</a></div></li></ul><h3>How to obtain help and support for this security update</h3>Help installing updates:<br /><a href=āhttps://support.microsoft.com/ph/6527ā target=ā_selfā>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals:<br /><a href=āhttps://technet.microsoft.com/security/bb980617.aspxā target=ā_selfā>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your Windows-based computer from viruses and malware:<br /><a href=āhttps://support.microsoft.com/contactus/cu_sc_virsec_masterā target=ā_selfā>Virus Solution and Security Center</a><br /><br />Local support according to your country:<br /><a href=āhttps://support.microsoft.com/common/international.aspxā target=ā_selfā>International Support</a><br /><br /></div><h2>More Information</h2><div><div><div><div><span><span></span></span><span><span>Security update deployment information</span></span></div><div><p></p><div><h4><span>Silverlight 5 for Mac (all editions)</span></h4><span><span>Reference Table</span><br /><br />The following table contains the security update information for this software.</span><div><table><tbody><tr><td><span><span>Security update file names</span></span></td><td><span>For Microsoft Silverlight 5 when installed on Mac:<br />Silverlight.dmg</span></td></tr><tr><td>Ā </td><td><span>For Microsoft Silverlight 5 Developer Runtime when installed on Mac:<br />silverlight_developer.dmg</span></td></tr><tr><td><span><span>Restart requirement</span></span></td><td><span>This update does not require a restart.</span></td></tr><tr><td><span><span>Removal information</span></span></td><td><span>Open the Finder, select the system drive, open the <strong>Internet Plug-ins - Library </strong>folder, and delete the file that is named āSilverlight.Plugin.ā (Be aware that the update cannot be removed without removing the Silverlight plug-in.)</span></td></tr><tr><td><span><span>File information</span></span></td><td><span>See the <a href=ā#fileinfoā target>file information</a> section.</span></td></tr><tr><td><span><span>Installation verification</span></span></td><td><span>See the Update FAQ section in <a href=āhttps://technet.microsoft.com/library/security/ms15-049ā target=ā_selfā>Security bulletin MS15-049</a> that addresses the question, āHow do I know which version and build of Microsoft Silverlight is currently installed?ā</span></td></tr></tbody></table></div><h4><span>Silverlight 5 for Windows (all supported releases)</span></h4><span><span>Reference Table</span><br /><br />The following table contains the security update information for this software.</span><div><table><tbody><tr><td><span><span>Security update file names</span></span></td><td><span>For Microsoft Silverlight 5 when installed on all supported 32-bit releases of Microsoft Windows:<br />silverlight.exe</span></td></tr><tr><td>Ā </td><td><span>For Microsoft Silverlight 5 Developer Runtime when installed on all supported 32-bit releases of Microsoft Windows:<br />silverlight_developer.exe</span></td></tr><tr><td>Ā </td><td><span>For Microsoft Silverlight 5 when installed on all supported 64-bit releases of Microsoft Windows:<br />silverlight_x64.exe</span></td></tr><tr><td>Ā </td><td><span>For Microsoft Silverlight 5 Developer Runtime when installed on all supported 64-bit releases of Microsoft Windows:<br />silverlight_developer_x64.exe</span></td></tr><tr><td><span><span>Installation switches</span></span></td><td><span>See the Silverlight Enterprise Deployment Guide</span></td></tr><tr><td><span><span>Restart requirement</span></span></td><td><span>This update does not require a restart.</span></td></tr><tr><td><span><span>Removal information</span></span></td><td><span>Use <span>Add or Remove Programs</span> item in Control Panel. (Be aware that the update cannot be removed without removing Silverlight.)</span></td></tr><tr><td><span><span>File information</span></span></td><td><span>See the <a href=ā#fileinfoā target>file information</a> section.</span></td></tr><tr><td><span><span>Registry key verification</span></span></td><td><span>For 32-bit installations of Microsoft Silverlight 5:<br /><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Silverlight āVersionā = ā5.1.40416.0ā</strong></span></td></tr><tr><td>Ā </td><td><span>For 64-bit installations of Microsoft Silverlight 5:<br /><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Silverlight āVersionā = ā5.1.40416.0ā</strong>and<br /><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Silverlight āVersionā = ā5.1.40416.0ā</strong></span></td></tr></tbody></table></div></div></div></div></div><a></a><a></a></div><h2>File information</h2><div>The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.<br /><br /><br /><div><div><div><span><span></span></span><span><span>Silverlight file information</span></span></div><div><span><div><h4>For all supported 64-bit releases of Microsoft Silverlight 5 for Windows</h4><div><table><tr><th>File name</th><th>File version</th><th>File size</th><th>Date</th><th>Time</th><th>Platform</th></tr><tr><td>Silverlight_developer_x64.exe</td><td>5.1.40416.0</td><td>17,876,256</td><td>16-Apr-2015</td><td>10:31</td><td>x86</td></tr><tr><td>Silverlight_x64.exe</td><td>5.1.40416.0</td><td>13,095,136</td><td>16-Apr-2015</td><td>10:07</td><td>x86</td></tr></table></div><h4>For all supported 32-bit versions of Microsoft Silverlight 5 for Windows</h4><div><table><tr><th>File name</th><th>File version</th><th>File size</th><th>Date</th><th>Time</th><th>Platform</th></tr><tr><td>Silverlight.exe</td><td>5.1.40416.0</td><td>6,962,912</td><td>16-Apr-2015</td><td>09:14</td><td>x86</td></tr><tr><td>Silverlight_developer.exe</td><td>5.1.40416.0</td><td>9,355,552</td><td>16-Apr-2015</td><td>09:40</td><td>x86</td></tr></table></div><h4>For all supported versions of Microsoft Silverlight 5 for Macintosh</h4><div><table><tr><th>File name</th><th>File version</th><th>File size</th><th>Date</th><th>Time</th><th>Platform</th></tr><tr><td>Silverlight.dmg</td><td>Not Applicable</td><td>15,241,387</td><td>20-Apr-2015</td><td>22:03</td><td>Not Applicable</td></tr><tr><td>Silverlight_developer.dmg</td><td>Not Applicable</td><td>20,902,420</td><td>20-Apr-2015</td><td>22:03</td><td>Not Applicable</td></tr></table></div></div><br /></span></div></div></div><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>Silverlight.dmg</td><td>6AA77FFE208D6EC38FCD8F20C2C8E24BDF1A3F97</td><td>03486C647182E33241A942A56E9DCD283C528A641CC0913FAB4CE194012A60B1</td></tr><tr><td>Silverlight.exe</td><td>5E77FD1CD6EBCC223B0BA9D6AAB9E8F2C3093937</td><td>84B5FCFAB16A8F276E314F6A8077BFA0E0E15DAB09B292445427A98CD42E4509</td></tr><tr><td>Silverlight_Developer.dmg</td><td>AA44336CAE8BA2F518EDD2A9A9DAE419EE2DBCB4</td><td>F7ABEFBEC44467897894FCF8A6A088842827D6CCD20DFD142DC2D36A4CE606A1</td></tr><tr><td>Silverlight_Developer.exe</td><td>88504FB3CABAEC6E994635C095BB4ADB92835694</td><td>1BA3FB451A8D6BB85553D84376CA13661B8DB41B2AE2DB3E8B0AE632A8E64258</td></tr><tr><td>Silverlight_Developer_x64.exe</td><td>7EB10A6A8FB9CADBD221986E3044CCE4C88D9EEA</td><td>05166B734A1B29C07615AB54783D712E1384D3D37927F671B269228193CD3D1E</td></tr><tr><td>Silverlight_x64.exe</td><td>2F3040E5F7028C2D42CFF848F361C06F3D237376</td><td>A3F8A7345737CEE988C52B912742E0E3AD2CB3B2676E7313B83F18878CAFB0B6</td></tr></table></div></div><br /></span></div></div></div></div></body></html>