[월:] 2016년 03월

MS16-033 – Important: Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (March 8, 2016): Click here to enter text.Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker with physical access inserts a specially crafted USB device into the system. Source: MS16-033 – Important: Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142) – Version: 1.0

MS16-028 – Critical: Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (March 8, 2016): Click here to enter text.Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted .pdf file. Source: MS16-028 – Critical: Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081) – Version: 1.0

MS16-035 – Important: Security Update for .NET Framework to Address Security Feature Bypass (3141780) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (March 8, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft .NET Framework. The security feature bypass exists in a .NET Framework component that does not properly validate certain elements of a signed XML document. Source: MS16-035 – Important: Security Update for .NET Framework to Address Security Feature Bypass (3141780) – Version: 1.0

MS16-026 – Critical: Security Update for Graphic Fonts to Address Remote Code Execution (3143148) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (March 8, 2016): Click here to enter text.Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker either convinces a user to open a specially crafted document, or to visit a webpage that contains specially crafted embedded OpenType fonts. Source: MS16-026 – Critical: Security Update for Graphic Fonts to Address Remote Code Execution (3143148) – Version: 1.0

MS16-029 – Important: Security Update for Microsoft Office to Address Remote Code Execution (3141806) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (March 8, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Source: MS16-029 – Important: Security Update for Microsoft Office to Address Remote Code Execution (3141806) – Version: 1.0