09.273.2015 - MS15-097 - Critical: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656) - Version: 2.0

Severity Rating: Critical Revision Note: V2.0 (September 30, 2015): Revised bulletin to announce the availability of an update package for Skype for Business 2016. Customers running Skype for Business 2016 should apply the 2910994 update to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically. Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts. - View Microsoft Security Bulletin MS15-097 - View Microsoft Knowledge Base Article - on: 2. - Visit Microsoft Corporation