[월:] 2016년 12월

MS16-154 – Critical: Security Update for Adobe Flash Player (3209498) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (December 13, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. Source: MS16-154 – Critical: Security Update for Adobe Flash Player (3209498) – Version: 1.0

MS16-149 – Important: Security Update for Microsoft Windows (3205655) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (December 13, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application. Source: MS16-149 – Important: Security Update for Microsoft Windows (3205655) – Version: 1.0

MS16-150 – Important: Security Update for Secure Kernel Mode (3205642) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (December 13, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if a locally-authenticated attacker runs a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL). Source: MS16-150 – Important: Security Update for Secure Kernel Mode (3205642) – Version: 1.0

MS16-147 – Critical: Security Update for Microsoft Uniscribe (3204063) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (December 13, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Windows Uniscribe. The vulnerability could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update addresses the vulnerabilities by correcting how the Windows Uniscribe handles objects in the memory. Source: MS16-147 – Critical: Security Update for Microsoft Uniscribe (3204063) – Version: 1.0

MS16-148 – Critical: Security Update for Microsoft Office (3204068) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (December 13, 2016): Bulletin published Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Source: MS16-148 – Critical: Security Update for Microsoft Office (3204068) – Version: 1.0