MS – SECURITY

Severity Rating: ImportantRevision Note: V1.0 (February 9, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application. Source: ms-security

Severity Rating: CriticalRevision Note: V1.0 (February 9, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Edge. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Source: ms-security

Severity Rating: CriticalRevision Note: V1.0 (February 9, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Source: ms-security

Severity Rating: CriticalRevision Note: V1.0 (February 9, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if Microsoft Windows PDF Library improperly handles application programming interface (API) calls, which could allow an attacker to run arbitrary code on the user’s system. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. However, an attacker would have no way to force users to download or open a malicious PDF document. Source: ms-security

Severity Rating: ImportantRevision Note: V1.0 (February 9, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The more severe of the vulnerabilities could cause denial of service if an attacker insert specially crafted XSLT into a client-side XML web part, causing the server to recursively compile XSLT transforms. Source: ms-security