MS15-065: Security update for Internet Explorer: July 14, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution i...

MS15-067: Vulnerability in RDP could allow remote code execution: July 14, 2015

Resolves a vulnerability in Windows that could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system that has the Remote Desktop Protocol RDP server service enabled. By default, the RDP server service is not enabled on any Windows operating...

MS15-068: Vulnerability in Windows Hyper-V could allow remote code execution: July 14, 2015

Resolves vulnerabilities in Windows that could allow remote code execution in a host context if a specially crafted application is run by an authenticated and privileged user on a guest virtual machine that is hosted by Hyper-V.SummaryThis security update resolves vulnerabilities in Windows that...

MS15-058: Vulnerabilities in SQL Server could allow remote code execution: July 14, 2015

Resolves vulnerabilities in SQL Server that could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address. This leads to a function call to uninitialized memory.IntroductionThis update resolves...

MS15-069: Vulnerabilities in Windows could allow remote code execution: July 14, 2015

SummaryThis security update resolves vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if an attacker first places a specially crafted dynamic link library DLL file in the target user’s current working directory. Then, the attacker convinces the user to...

MS15-066: Vulnerability in VBScript could allow remote code execution: July 14, 2015

Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user goes to a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.SummaryThis security update...

MS15-066: Description of the security update for the VBScript 5.8 scripting engine: July 14, 2015

Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user goes to a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.SummaryThis security update...

Update Rollup for Microsoft Monitoring Agent

Describes the issues that are fixed in update rollup KB 3071396 for Microsoft Monitoring Agent.This article describes the issues that are fixed in an update rollup for the Microsoft Monitoring Agent. Additionally, this article contains installation instructions for the update rollup.Issues that a...

MS15-057: Vulnerability in Windows Media Player could allow remote code execution: June 9, 2015

None None...

MS15-059: Vulnerabilities in Microsoft Office could allow remote code execution: June 9, 2015

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office...

MS15-047: Vulnerabilities in SharePoint Server could allow remote code execution: May 12, 2015

Resolves vulnerabilities in Microsoft Office server and productivity software that could allow remote code execution if authenticated attacker sends specially crafted page content to a SharePoint server.SummaryThis security update resolves vulnerabilities in Microsoft Office server and productivi...

MS15-048: Vulnerabilities in the .NET Framework could allow elevation of privilege: May 12, 2015

This update resolves vulnerabilities in the Microsoft .NET Framework that include vulnerabilities that could allow elevation of privilege if an attacker sends specially crafted data to a WinForms application that is running in partial trust, and vulnerabilities that could allow denial of service...

MS15-047: Description of the security update for SharePoint Server 2013: May 12, 2015

Resolves vulnerabilities in Microsoft Office server and productivity software that could allow remote code execution if an authenticated attacker sends specially crafted page content to a SharePoint server.SummaryThis security update resolves vulnerabilities in Microsoft Office server and...

MS15-052: Vulnerability in Windows kernel could allow security feature bypass: May 12, 2015

Resolves a vulnerability in Windows that could allow security feature bypass if an attacker logs on to an affected system and runs a specially crafted application.SummaryThis security update resolves a vulnerability in Microsoft Windows that could allow security feature bypass if an attacker logs...

MS15-051: Vulnerabilities in Windows kernel-mode drivers could allow information disclosure: May 12, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if a user opens a specially crafted document or could allow elevation of privilege if an attacker logs on locally and runs arbitrary code in kernel mode.SummaryThis security update resolves vulnerabilities in Windows, the...

MS15-053: Vulnerabilities in JScript and VBScript scripting engines could allow security feature bypass: May 12, 2015

This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows.SummaryThis security update resolves address space layout randomization ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows...

MS15-040: Vulnerability in Active Directory Federation Services could allow information disclosure: April 14, 2015

Describes a security update that resolves a vulnerability in Active Directory Federation Services AD FS that could allow information disclosure.SummaryThis security update resolves a vulnerability in Active Directory Federation Services AD FS. The vulnerability could allow information disclosure ...

MS15-041: Vulnerability in the .NET Framework could allow information disclosure: April 14, 2015

Resolves a vulnerability in the Microsoft .NET Framework that could allow information disclosure if an attacker sends a specially crafted web request to an affected server that has custom error messages disabled. An attacker who successfully exploits the vulnerability would be able to view parts ...

MS15-036: Vulnerabilities in SharePoint Server could allow elevation of privilege: April 14, 2015

Resolves vulnerabilities in Microsoft Office server and productivity software that could allow elevation of privilege if an attacker sends a specially crafted request to an affected SharePoint Server.SummaryThis security update resolves vulnerabilities in Microsoft SharePoint Server and Microsoft...

MS15-033: Description of the Microsoft Office for Mac 2011 14.4.9 update: April 14, 2015

Describes a security update that addresses vulnerabilities by correcting how Excel and other affected software validate data when they parse specially crafted Office files.IntroductionMicrosoft has released security bulletin MS15-033. This security bulletin contains all the relevant information...

MS15-033: Vulnerabilities in Office could allow remote code execution: April 14, 2015

Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file. An...

MS15-030: Description of the security update for Remote Desktop protocol: March 10, 2015

Resolves a vulnerability in Microsoft Windows that could allow denial of service if an attacker creates multiple RDP sessions which fail to properly free objects in memory. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at...

MS15-019: Vulnerability in VBScript Scripting Engine could allow remote code execution: March 10, 2015

Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user visits a specially crafted website.SummaryThis security update resolves a vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote...

MS15-030: Vulnerability in Remote Desktop protocol could allow denial of service: March 10, 2015

Resolves a vulnerability in Microsoft Windows that could allow denial of service if an attacker creates multiple RDP sessions which fail to properly free objects in memory. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at...

MS15-022: Vulnerabilities in Office could allow remote code execution: March 10, 2015

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or...

MS15-019: Description of the security update for VBScript 5.8 Scripting Engine: March 10, 2015

Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user visits a specially crafted website.SummaryThis security update resolves a vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote...

MS15-025: Vulnerabilities in Windows kernel could allow elevation of privilege: March 10, 2015

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local...

MS15-020: Vulnerabilities in Windows could allow remote code execution: March 10, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website or working directory.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote...

Update for Internet Explorer Administrative Template resources

Describes an update that provides Group Policy Administrative Template .adm resource files for Internet Explorer.About this updateThis update package contains Group Policy Administrative Template resource files inetres.adml for Internet Explorer.Update informationTo get this update, install the...

MS15-010: Vulnerabilities in Windows kernel mode driver could allow remote code execution: February 10, 2015

Resolves vulnerabilities in Microsoft Windows that could allow remote code execution if an attacker convinces a user to open a specially crafted document or visit an untrusted website that contains embedded TrueType fonts.SummaryThis security update resolves one publicly disclosed and five...

MS15-013: Vulnerability in Microsoft Office could allow security bypass: February 10, 2015

Resolves vulnerabilities that could allow security feature bypass if a specially crafted file is opened in an affected edition of Microsoft Office.IntroductionThis security update resolves vulnerabilities that could allow security feature bypass if a specially crafted file is opened in an affecte...

MS15-009: Description of the security update for Internet Explorer: February 10, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage.SummaryThis article describes the cumulative security update for Internet Explorer that is dated on February 10, 2015. For more information about this update, see KB...

MS15-017: Vulnerability in Virtual Machine Manager could allow elevation of privilege: February 10, 2015

Resolves a vulnerability in Virtual Machine Manager that could allow elevation of privilege if an attacker logs on to an affected system.IntroductionThe update that is described in this article resolves a vulnerability in Microsoft System Center 2012 R2 Virtual Machine Manager that could allow...

MS15-009: Description of the security update for JScript9.dll in Internet Explorer: February 10, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage.SummaryThis article describes the cumulative security update for JScript9.dll in Internet Explorer that is dated February 10, 2015. This security update resolves an iss...

MS15-012: Vulnerabilities in Microsoft Office could allow remote code execution: February 10, 2015

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Office file in an affected version of Office software.IntroductionThis security update resolves vulnerabilities in Microsoft Office 2010 that...

MS15-009: Cumulative security update for Internet Explorer: February 10, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage.The update that this article describes has been replaced by a newer update. We recommend that you install the most current cumulative security update for Internet...

MS14-080: Description of the security update for VBScript 5.8: January 13, 2015

Describes an update package that contains VBScript 5.8 updates for Internet Explorer 10. Apply this update package after you install the December cumulative security update for Internet Explorer.SummaryThis package contains the VBScript 5.8 updates that are intended for Internet Explorer 10 in a...

MS15-004: Vulnerability in Windows components could allow elevation of privilege: January 13, 2015

Resolves a vulnerability in the TS WebProxy Windows component that could allow elevation of privilege if an attacker convinces a user to run a specially crafted application. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.SummaryThis...

MS14-084: Vulnerability in VBScript scripting engine could allow remote code execution: December 9, 2014

Resolves a vulnerability in the VBScript scripting engine in Microsoft Windows that could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.INTRODUCTIONMicrosoft h...

MS14-084: Description of the security update for VBScript 5.8: December 9, 2014

Resolves a vulnerability in the VBScript scripting engine in Microsoft Windows that could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.INTRODUCTIONMicrosoft h...

MS14-083: Description of the security update for Microsoft Excel 2013: December 9, 2014

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Excel workbook in an affected version of Office software. An attacker who successfully exploited the vulnerabilities could gain the...

MS14-081: Vulnerabilities in Microsoft Word and Office Web Apps could allow remote code execution: December 9, 2014

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office.IntroductionThis security update resolves vulnerabilities in Microsoft Office that could...

MS14-075: Vulnerabilities in Microsoft Exchange Server could allow elevation of privilege: December 9, 2014

Resolves a vulnerability in Microsoft Exchange Server that could allow spoofing if an attacker sends an email message that contains a malicious link to a specially crafted website to a user on an affected Exchange server.INTRODUCTIONMicrosoft has released security bulletin MS14-075. To learn more...

MS14-082: Vulnerabilities in Microsoft Office could allow remote code execution: December 9, 2014

Resolves vulnerabilities that could allow remote code execution or security feature bypass if a specially crafted file is opened in an affected edition of Microsoft Office.IntroductionThis security update resolves a vulnerability that could allow remote code execution or security feature bypass i...

MS14-064: Vulnerabilities in Windows OLE could allow remote code execution: November 11, 2014

Resolves vulnerabilities in Windows OLE that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.INTRODUCTIONMicrosoft has...

MS14-072: Vulnerability in the .NET Framework could allow elevation of privilege: November 11, 2014

Resolves a vulnerability in the Microsoft .NET Framework that could allow elevation of privilege.View products that this article applies to.IntroductionThis update resolves a vulnerability in the Microsoft .NET Framework that could allow elevation of privilege.SummaryMicrosoft has released securi...

MS14-073: Vulnerability in Microsoft SharePoint Foundation could allow for elevation of privilege: November 11, 2014

Resolves a vulnerability in Microsoft SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could run arbitrary script in the context of the user on the current SharePoint site.INTRODUCTIONMicrosoft has released security bulletin MS14-073. To learn more about...

MS14-073: Description of the security update for SharePoint Foundation 2010: November 11, 2014

Resolves a vulnerability in Microsoft SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could run arbitrary script in the context of the user on the current SharePoint site.INTRODUCTIONMicrosoft has released security bulletin MS14-073. To learn more about...

MS14-061: Vulnerability in Microsoft Word and Office Web Apps could allow remote code execution: October 14, 2014

This security update resolves a vulnerability in Microsoft Word that could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Office file.INTRODUCTIONMicrosoft has released security bulletin MS14-061. To learn more about this security bulletin:Home...

MS14-061: Description of the security update for Microsoft Office 2010: October 14, 2014

This security update resolves a vulnerability in Microsoft Word that could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Office file.INTRODUCTIONMicrosoft has released security bulletin MS14-061. To learn more about this security bulletin: Home...