|
Severity Rating: Important Revision Note: V1.0 (May 10, 2016): Click here to enter text. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a USB disk mounted over Remote Desktop Protocol (RDP) via Microsoft RemoteFX is not correctly tied to the session of the mounting user.
|
|
Full View / NID: 59455 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to the local system executes a malicious application. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
|
|
Full View / NID: 59448 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Critical Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
|
|
Full View / NID: 59430 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker with physical access inserts a specially crafted USB device into the system.
|
|
Full View / NID: 59428 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
|
|
Full View / NID: 59419 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Critical Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
|
|
Full View / NID: 59418 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
|
|
Full View / NID: 59417 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker runs a specially crafted application to bypass code integrity protections in Windows.
|
|
Full View / NID: 59416 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V2.0 (May 10, 2016): Revised bulletin to announce the security updates for Microsoft .NET Framework 4.5.2 and Microsoft .NET Framework 4.6/4.6.1 have been rereleased to address issues with certain printing scenarios. The rereleases are available via Windows Update and the Microsoft Update Catalog. Note that this re-release applies only to LDR (Limited Distribution Release) customers. GDR (General Distribution Release) customers are not affected. For more information about the specific security updates that were re-released, see the Update FAQs section of this bulletin (MS16-035). Summary: This security update resolves a vulnerability in Microsoft .NET Framework. The security feature bypass exists in a .NET Framework component that does not properly validate certain elements of a signed XML document.
|
|
Full View / NID: 59415 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Critical Revision Note: V2.0 (April 19, 2016): To comprehensively address CVE-2016-0145, Microsoft re-released security update 3144432 for affected editions of Microsoft Live Meeting 2007 Console. Customers running Microsoft Live Meeting 2007 Console should install the update to be fully protected from the vulnerability. See Microsoft Knowledge Base Article 3144432 for more information. Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.
|
|
Full View / NID: 59110 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V2.0 (April 12, 2016): To comprehensively address CVE-2016-0133, Microsoft is releasing April Windows 10 Cumulative Update. Microsoft recommends that customers running affected versions of Microsoft Windows 10 (update 3140745) should install update 3147461. See Microsoft Knowledge Base Article 3140745 for more information. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker with physical access inserts a specially crafted USB device into the system.
|
|
Full View / NID: 59151 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The more severe of the vulnerabilities could cause remote code execution if an attacker with access to the local system executes a malicious application.
|
|
Full View / NID: 59060 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.
|
|
Full View / NID: 59040 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Critical Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
|
|
Full View / NID: 59039 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack. An attacker could then force a downgrade of the authentication level of the SAM and LSAD channels and impersonate an authenticated user.
|
|
Full View / NID: 59038 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker logs on to a target system and runs a specially crafted application.
|
|
Full View / NID: 59037 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
|
|
Full View / NID: 59026 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Critical Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
|
|
Full View / NID: 59023 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Important Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a specially crafted HTTP packet to a target system.
|
|
Full View / NID: 59022 / Submitted by: The Zilla of Zuron
|
|
Severity Rating: Critical Revision Note: V1.0 (April 12, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.
|
|
Full View / NID: 59021 / Submitted by: The Zilla of Zuron
|