MS16-039: Security update for Microsoft Graphics Component: April 12, 2016

Resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially...

MS16-048: Security update for CSRSS: April 12, 2016

Resolves a vulnerability in Windows that could allow security feature bypass if an attacker logs on to a target system and runs a specially crafted application.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an...

MS16-046: Security update for secondary logon: April 12, 2016

Resolves a vulnerability vulnerabilities in Windows. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.SummaryThis security update resolves a vulnerability in Microsoft Windows. An attacker who successfully exploited this vulnerability could ru...

MS16-040: Security update for Microsoft XML core services: April 12, 2016

Resolves a vulnerability in Windows that could allow remote code execution if a user clicks a specially crafted link that could allow an attacker to run malicious code remotely to take control of the user’s system. However, in all cases an attacker would have no way to force a user to click a...

MS16-041: Security update for the .NET Framework: April 12, 2016

Resolves vulnerabilities in Microsoft .NET Framework that could cause remote code execution if an attacker with access to the local system executes a malicious application.View products that this article applies to.SummaryThis security update resolves vulnerabilities in the Microsoft .NET...

MS16-049: Security update for HTTP.sys: April 12, 2016

Resolves a vulnerability in Windows that could allow denial of service if an attacker sends a specially crafted HTTP packet to a target system.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a speciall...

MS16-037: Cumulative security update for Internet Explorer: April 12, 2016

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code...

MS16-038: Cumulative security update for Microsoft Edge: April 12, 2016

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code executi...

MS16-042: Security update for Microsoft Office: April 12, 2016

Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office. To learn more...

MS16-045: Security update for Windows Hyper-V: April 12, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not...

MS16-036: Security update for Adobe Flash Player: March 10, 2016

Resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows 10 Version 1511.SummaryThis update resolves vulnerabilities in Adobe Flash Player when installed on all...

MS16-032: Security update for Secondary Logon to address elevation of privilege: March 8, 2016

Resolves a vulnerability in Windows that could allow elevation of privilege if the Windows Secondary Logon Service fails to properly manage request handles in memory.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if...

MS16-030: Security update for Windows OLE to address remote code execution: March 8, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if Windows OLE fails to properly validate user input. An attacker could exploit the vulnerabilities to execute malicious code after convincing a user to open a specially crafted file or a program from either a webpage or a...

MS16-024: Cumulative security update for Microsoft Edge: March 8, 2016

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code executi...

MS16-026: Security update for graphic fonts to address remote code execution: March 8, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if an attacker either convinces a user to open a specially crafted document, or to visit a webpage that contains specially crafted embedded OpenType fonts.SummaryThis security update resolves vulnerabilities in Microsoft...

MS16-029: Security Update for Microsoft Office to Address Remote Code Execution: March 8, 2016

Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office. To learn more...

MS16-028: Description of the security update for Windows PDF Library: March 8, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if a user opens a specially crafted .pdf file.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted .pdf file.T...

MS16-023: Cumulative Security Update for Internet Explorer: March 8, 2016

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code...

MS16-029: Description of the security update for Word 2016: March 8, 2016

Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allo...

MS16-027: Security update for Windows media to address remote code execution: March 8, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if a user opens specially crafted media content that is hosted on a website.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens...

MS16-034: Security update for Windows kernel-mode drivers to address elevation of privilege: March 8, 2016

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacke...

MS16-033: Security update for Windows USB mass storage class driver to address elevation of privilege: March 8, 2016

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker with physical access inserts a specially crafted USB device into the system.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if...

MS16-028: Security update for Microsoft Windows PDF Library to address remote code execution: March 8, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if a user opens a specially crafted .pdf file.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted .pdf file.T...

MS16-029: Description of the security update for InfoPath 2013: March 8, 2016

None None...

MS16-029: Description of the security update for InfoPath 2010: March 8, 2016

None None...

MS16-009: Cumulative Security Update for Internet Explorer: February 9, 2016

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code...

MS16-015: Security Update for Microsoft Office to Address Remote Code Execution: February 9, 2016

Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office. To learn more...

MS16-017: Security update for Remote Desktop display driver to address elevation of privilege: February 9, 2016

Resolves a vulnerability in Windows that could allow elevation of privilege if an authenticated attacker uses RDP to log on to the target system and sends specially crafted data over the connection.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could...

MS16-015: Description of the security update for Word 2016: February 9, 2016

Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allo...

MS16-011: Cumulative security update for Microsoft Edge: February 9, 2016

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code executi...

MS16-022: Security update for Adobe Flash Player: February 9, 2016

Resolves vulnerabilities in Adobe Flash Player when it is installed on all supported editions of Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows 10 Version 1511.SummaryThis security update resolves vulnerabilities in Adobe Flash Player when it is...

MS16-012: Description of the security update for Windows PDF Library: February 9, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if Microsoft Windows PDF Library incorrectly handles application programming interface API calls. This could allow an attacker to run arbitrary code on the user’s system.SummaryThis security update resolves vulnerabilities...

MS16-016: Security update for WebDAV to address elevation of privilege: February 9, 2016

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker uses the Microsoft Web Distributed Authoring and Versioning WebDAV client to send specifically crafted input to a server.SummaryThis security update resolves a vulnerability in Microsoft Windows. The...

MS16-013: Security update for Windows Journal to address remote code execution: February 9, 2016

SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operat...

MS16-018: Security update for Windows kernel-mode drivers to address elevation of privilege: February 9, 2016

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an...

MS16-012: Security update for Microsoft Windows PDF Library to address remote code execution: February 9, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if Microsoft Windows PDF Library incorrectly handles application programming interface API calls. This could allow an attacker to run arbitrary code on the user’s system.SummaryThis security update resolves vulnerabilities...

MS16-019: Security update for the .NET Framework to address Denial of Service: February 9, 2016

Resolves a vulnerability in the Microsoft .NET Framework. The vulnerability could allow denial of service if an attacker inserts specially crafted XSLT into a client-side XML web part that causes recursive calls on the server.View products that this article applies to.SummaryThis security update...

MS16-014: Security update for Microsoft Windows to address remote code execution: February 9, 2016

Resolves vulnerabilities in Microsoft Windows that could allow remote code execution if an attacker can log on to a target system and run a specially crafted application.SummaryThis security update resolves vulnerabilities in Windows. The most severe of the vulnerabilities could allow remote code...

Update Rollup 10 for Microsoft Azure Site Recovery Provider

Describes the fixes that are included in Update Rollup 10 version 5.1.1400 for Microsoft Azure Site Recovery Provider.IntroductionThis article describes the fixes that are included in Update Rollup 10 version 5.1.1400 for Microsoft Azure Site Recovery Provider. Learn about the details of the fixe...

MS16-004: Description of the security update for Word 2016: January 12, 2016

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote co...

MS16-003: Description of the security update for JScript 5.8 and VBScript 5.8: January 12, 2016

Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploits this vulnerability could gain the same user rights as the current user and then install programs, create...

MS16-003: Cumulative security update for JScript and VBScript to address remote code execution: January 12, 2016

Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploits this vulnerability could gain the same user rights as the current user and then install programs or creat...

MS16-001: Cumulative Security Update for Internet Explorer: January 12, 2016

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code...

MS16-004: Security Update for Microsoft Office to Address Remote Code Execution: January 12, 2016

Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves a vulnerability in Microsoft Office. To learn more...

MS16-008: Security update for Windows kernel to address elevation of privilege: January 12, 2016

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an...

MS16-005: Security update for Windows kernel-mode drivers to address remote code execution: January 12, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if a user visits a malicious website.SummaryTo learn more about the vulnerability, see Microsoft Security Bulletin MS16-005. More InformationImportant All future security and non-security updates for Windows RT 8.1, Window...

MS16-002: Cumulative security update for Microsoft Edge: January 12, 2016

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code executi...

MS16-007: Security Update for Microsoft Windows to Address Remote Code Execution: January 12, 2016

Resolves vulnerabilities in Windows that could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remo...

Update Rollup 9 for Microsoft Azure Site Recovery Provider

Describes Update Rollup 8 for Microsoft Azure Site Recovery Provider. Includes a summary of the issues that this rollup fixes.IntroductionThis article describes the fixes that are included in Update Rollup 9 version 5.1.1300 for Microsoft Azure Site Recovery Provider. Learn about the details of t...

MS15-126: Cumulative security update for JScript and VBScript to address remote code execution: December 8, 2015

Fixes vulnerabilities in the VBScript scripting engine in Windows that could allow remote code execution if an attacker hosts a specially crafted website.SummaryThis security update fixes vulnerabilities in the VBScript scripting engine in Windows. The more severe of the vulnerabilities could all...