MS – SECURITY

MS16-039 – Critical: Security Update for Microsoft Graphics Component (3148522) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (April 12, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts. Source: MS16-039 – Critical: Security Update for Microsoft Graphics Component (3148522) – Version: 1.0

MS16-047 – Important: Security Update for SAM and LSAD Remote Protocols (3148527) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (April 12, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack. An attacker could then force a downgrade of the authentication level of the SAM and LSAD channels and impersonate an authenticated user. Source: MS16-047 – Important: Security Update for SAM and LSAD Remote Protocols (3148527) – Version: 1.0

MS16-050 – Critical: Security Update for Adobe Flash Player (3154132) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (April 12, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. Source: MS16-050 – Critical: Security Update for Adobe Flash Player (3154132) – Version: 1.0

MS16-045 – Important: Security Update for Windows Hyper-V (3143118) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (April 12, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected. Source: MS16-045 – Important: Security Update for Windows Hyper-V (3143118) – Version: 1.0

MS13-082 – Critical: Vulnerabilities in .NET Framework Could Allow Remote Code Execution – Version: 1.2 Severity Rating: CriticalRevision Note: V1.2 (April 7, 2016): Corrected download links for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows 2008 R2. This is an informational change only. Customers who have already successfully updated their systems do not need to take any action.Summary: This security update resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if a user visits a website containing a specially crafted OpenType font (OTF) file using a browser capable of instantiating XBAP applications. Source: MS13-082 – Critical: Vulnerabilities in .NET Framework Could Allow Remote Code Execution – Version: 1.2