지락문화예술공작단

Severity Rating: CriticalRevision Note: V1.0 (January 12, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. An attacker would have no way to force users to visit a compromised website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email or instant message that takes users to the attacker’s website. Source: ms-security

Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy no longer allows root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing as of January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. Source: ms-security

Severity Rating: CriticalRevision Note: V1.0 (January 12, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to visit a malicious website. Source: ms-security

Severity Rating: ImportantRevision Note: V1.0 (January 12, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application. Source: ms-security