Security Alert (A15-04-06): Multiple Vulnerabilities in Microsoft Products
15 April 2015
Microsoft has released 11 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:
MS15-032 Cumulative Security Update for Internet Explorer MS15-033 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution MS15-034 Vulnerability in HTTP.sys Could Allow Remote Code Execution MS15-035 Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution MS15-036 Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege MS15-037 Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege MS15-038 Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege MS15-039 Vulnerability in XML Core Services Could Allow Security Feature Bypass MS15-040 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure MS15-041 Vulnerability in .NET Framework Could Allow Information Disclosure MS15-042 Vulnerability in Windows Hyper-V Could Allow Denial of Service
Microsoft Office 2007, 2010, 2013, 2013 RT, Office for Mac 2011
Microsoft Office Compatibility Pack, Word Viewer
Microsoft Office Web Apps 2010, 2013
Microsoft Outlook for Mac for Office 365
Microsoft Project Server 2010, 2013
Microsoft SharePoint Server 2010, 2013
Microsoft Windows Server 2003, 2008, 2012
Microsoft Windows Vista, 7, 8, 8.1, RT, RT 8.1
Depending on the vulnerability exploited, a successful attack could lead to bypass of security restrictions, elevation of privilege, information disclosure, denial of service or arbitrary code execution.
Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
Microsoft Update http://update.microsoft.com/microsoftupdate