Severity Rating: Important
Revision Note: V1.1 (December 23, 2015): Bulletin revised to correct the Updates Replaced for the Server Core installation option on Windows Server 2008 and Windows Server 2008 R2.This is an informational change only. Customers who have successfully installed the updates do not need to take any further action.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with Remote Desktop Protocol (RDP) enabled. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
Source: ms-security