MS15-135: Security update for Windows kernel-mode drivers to address elevation of privilege: December 8, 2015

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to a targeted system and runs a specially crafted application.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an...

MS15-132: Security update for Windows to address remote code execution: December 8, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if an attacker accesses a local system and runs a specially crafted application.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacke...

MS15-131: Security update for Microsoft Office to address remote code execution: December 8, 2015

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves a vulnerability in Microsoft Office. To learn more about the vulnerability, see Microsoft Security Bulletin...

MS15-126: Description of the security update for VBScript 5.8: December 8, 2015

Fixes vulnerabilities in the VBScript scripting engine in Windows that could allow remote code execution if an attacker hosts a specially crafted website.SummaryThis security update fixes vulnerabilities in the VBScript scripting engine in Windows. The more severe of the vulnerabilities could all...

MS15-133: Security update for Windows PGM to address elevation of privilege: December 8, 2015

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker logs on to a targeted system and runs a specially crafted application that, by way of a race condition, results in references to memory locations that have already been freed.SummaryThis security update...

MS15-128: Security update for Microsoft graphics component to address remote code execution: December 8, 2015

Resolves vulnerabilities in Microsoft Windows, .NET Framework, Microsoft Office, Skype for Business, Microsoft Lync, and Silverlight. The vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded...

MS15-125: Cumulative Security Update for Microsoft Edge: December 8, 2015

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code executi...

MS15-124: Cumulative Security Update for Internet Explorer: December 8, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code...

MS15-123: Security update for Skype for Business and Lync to address information disclosure: November 10, 2015

Resolves a vulnerability in Skype for Business and Microsoft Lync. The vulnerability could allow information disclosure if an attacker invites a user to an instant message session and then sends that user a message that contains specially crafted JavaScript content.SummaryThis security update...

MS15-115: Security update for Windows to address remote code execution: November 10, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if an attacker convinces a user to open a specially crafted document or to go to an untrusted webpage that contains embedded fonts.SummaryThis security update resolves vulnerabilities in Windows. The most severe of the...

MS15-118: Security update for the .NET Framework to address elevation of privilege: November 10, 2015

Resolves vulnerabilities in the Microsoft .NET Framework. The most severe of these vulnerabilities could allow elevation of privilege if an attacker injects a client-side script into a user's browser.February 9, 2016 This security update has been rereleased and contains an updated article. We...

MS15-113: Cumulative security update for Microsoft Edge: November 10, 2015

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves a vulnerability in Microsoft Edge. The vulnerability could allow remote code execution if a user views a specially...

MS15-119: Security update for Winsock to address elevation of privilege: November 10, 2015

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker logs on to a computer and runs specially crafted code that exploits the vulnerability.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of...

MS15-112: Cumulative security update for Internet Explorer: November 10, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage in Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow...

MS15-122: Security update for Kerberos to address security feature bypass: November 10, 2015

Resolves a security feature bypass in Microsoft Windows. An attacker could bypass Kerberos authentication on a computer and decrypt drives that have BitLocker enabled. The bypass can be exploited only if the computer has BitLocker enabled without a PIN or USB key.SummaryThis security update...

MS15-116: Description of the security update for InfoPath 2013: November 10, 2015

None None...

MS15-116: Description of the security update for InfoPath 2010: November 10, 2015

None None...

MS15-110: Security Updates for Microsoft Office to address remote code execution: October 13, 2015

Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file.SummaryThis security update resolves a vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Office file. ...

MS15-109: Security update for Windows Shell to address remote code execution: October 13, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if a user opens a specially crafted toolbar object in Windows or if an attacker convinces a user to view specially crafted content online.SummaryThis security update resolves vulnerabilities in Microsoft Windows. These...

MS15-111: Security Update for Windows Kernel to address elevation of privilege: October 13, 2015

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.SummaryThis security update resolves vulnerabilities in Windows. The more severe of these vulnerabilities could allow elevation of...

MS15-107: Cumulative security update for Microsoft Edge: October 13, 2015

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves a vulnerability in Microsoft Edge. The vulnerability could allow remote code execution if a user views a specially...

MS15-108: Security update for JScript and VBScript to address remote code execution: October 13, 2015

Resolves vulnerabilities in the VBScript and JScript scripting engines in Windows that could allow remote code execution.SummaryThis security update resolves vulnerabilities in the VBScript and JScript scripting engines in Windows. The more severe of these vulnerabilities could allow remote code...

MS15-106: Cumulative security update for Internet Explorer: October 13, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage in Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow...

MS15-099: Vulnerabilities in Microsoft Office could allow remote code execution: September 8, 2015

Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file.SummaryThis security update resolves a vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Office file. ...

MS15-098: Vulnerabilities in Windows Journal could allow remote code execution: September 8, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if a user opens a specially crafted Windows Journal file.SummaryThis security update resolves vulnerabilities in Windows that could allow remote code execution if a user opens a specially crafted Windows Journal file. User...

MS15-103: Vulnerabilities in Microsoft Exchange could allow information disclosure: September 8, 2015

Resolves a vulnerability in Microsoft Exchange Server that could allow information disclosure if Outlook Web Access OWA does not handle web server requests correctly.SummaryThis security update resolves a vulnerability in Microsoft Exchange Server that could allow information disclosure if Outloo...

MS15-102: Vulnerabilities in Windows Task Management could allow elevation of privilege: September 8, 2015

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.SummaryThis security update resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to a system and ru...

Cumulative update for Windows 10: September 8, 2015

Describes the September 8, 2015, update for Windows 10.SummaryThis update for Windows 10 includes functionality improvements and resolves the vulnerabilities in Windows that are described in the following Microsoft security bulletins:Microsoft Security Bulletin MS15-094Microsoft Security Bulletin...

MS15-094: Cumulative security update for Internet Explorer: September 8, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage in Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow...

MS15-104: Vulnerabilities in Skype for Business Server and Lync Server could allow elevation of privilege: September 8, 2015

This security update resolves vulnerabilities in Skype for Business and Microsoft Lync Server. The most severe of these vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL.SummaryThis security update resolves vulnerabilities in Skype for Business and...

MS15-105: Vulnerability in Hyper-V could allow security feature bypass: September 8, 2015

Resolves a vulnerability in Windows that could allow security feature bypass if an attacker runs a specially crafted application that could cause Windows Hyper-V to apply access control list ACL configuration settings incorrectly.SummaryThis security update resolves a vulnerability in Windows tha...

MS15-095: Cumulative security update for Microsoft Edge: September 8, 2015

Resolves vulnerabilities in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves several reported vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code...

MS15-097: Vulnerabilities in the Microsoft graphics component could allow remote code execution: September 8, 2015

Resolves vulnerabilities in Windows, Office, and Lync that could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts.SummaryThis security update resolves vulnerabilities in Windows, Microsoft Office, and...

MS15-101: Vulnerabilities in the .NET Framework could allow elevation of privilege: September 8, 2015

Resolves vulnerabilities in the .NET Framework that could allow elevation of privilege if a user runs a specially crafted .NET Framework application.View products that this article applies to.SummaryThis security update resolves a vulnerability in the Microsoft .NET Framework. The vulnerabilities...

MS15-105: Description of the security update for Hyper-V: September 8, 2015

Resolves a vulnerability in Microsoft Windows that could allow security feature bypass if an attacker runs a specially crafted application that could cause Windows Hyper-V to apply access control list ACL configuration settings incorrectly.SummaryThis security update resolves a vulnerability in...

MS15-093: Security update for Internet Explorer: August 18, 2015

Resolves a vulnerability in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.SummaryThis security update resolves a vulnerability in Internet Explorer that could allow remote code execution if a user views a specially...

MS15-092: Vulnerabilities in the .NET Framework could allow elevation of privilege: August 11, 2015

Resolves vulnerabilities in the Microsoft .NET Framework that could allow elevation of privilege if a user runs a specially crafted .NET Framework application.View products that this article applies to.SummaryThis security update resolves vulnerabilities in the Microsoft .NET Framework that could...

MS15-085: Vulnerability in Mount Manager could allow elevation of privilege: August 11, 2015

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker inserts a malicious USB device into a target system. An attacker could then write a malicious binary to disk and execute the code.SummaryThis security update resolves a vulnerability in Windows that could...

Cumulative update for Windows 10: August 11, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage in Internet Explorer.SummaryThe security update for Windows 10 that is dated August 11, 2015, includes improvements to improve the functionality of Windows 10 and...

MS15-091: Cumulative security update for Microsoft Edge: August 11, 2015

Resolves vulnerabilities in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves several reported vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code...

MS15-082: Vulnerabilities in RDP could allow remote code execution: August 11, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if an attacker first places a specially crafted dynamic link library DLL file in the target user’s current working directory and then convinces the user to open an RDP file or to launch a program that is designed to load a...

MS15-081: Description of the security update for Office 2016 for Mac: August 11, 2015

Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more...

MS15-084: Vulnerabilities in XML core services could allow information disclosure: August 11, 2015

Resolves vulnerabilities in Windows and Office that could allow information disclosure by either exposing memory addresses if a user clicks a specially crafted link or by explicitly allowing the use of Secure Sockets Layer SSL 2.0.Summary This security update resolves vulnerabilities in Microsoft...

MS15-088: Unsafe command-line parameter passing could allow information disclosure: August 11, 2015

Helps resolve an information disclosure vulnerability in Windows, Internet Explorer, and Microsoft Office.SummaryThis security update helps resolve an information disclosure vulnerability in Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability, an attacker would first ha...

MS15-086: Vulnerability in System Center Operations Manager could allow elevation of privilege: August 11, 2015

Resolves a vulnerability in Microsoft System Center 2012 Operations Manager and Microsoft System Center 2012 R2 Operations Manager that could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL.SummaryThis security update resolves a vulnerability in...

MS15-080: Vulnerabilities in Microsoft graphics component could allow remote code execution: August 11, 2015

Resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight that could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded TrueType or OpenType fonts.SummaryThis security update resolves...

MS15-086: Security update for Update Rollup 8 for System Center 2012 Operations Manager: August 11, 2015

Describes the issues that are fixed in Update Rollup 8 for Microsoft System Center 2012 Operations Manager.IntroductionThis article describes the issues that are fixed in Update Rollup 8 for Microsoft System Center 2012 Operations Manager. Additionally, this article contains the installation...

MS15-087: Vulnerability in UDDI services could allow elevation of privilege: August 11, 2015

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker engineered a cross-site scripting XSS scenario by inserting a malicious script into a webpage search parameter.Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability...

MS15-079: Cumulative security update for Internet Explorer: August 11, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage in Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow...

MS15-081: Vulnerabilities in Microsoft Office could allow remote code execution: August 11, 2015

Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves a vulnerability in Microsoft Office. This vulnerability could allow remote code execution if a user opens a specially crafted...