Home / bulletins

MS15-010 - Critical: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220) - Version: 1.1

Posted on 19 February 2015

Critical

Severity Rating: Critical
Revision Note: V1.1 (February 18, 2015): Bulletin revised to add an Update FAQ that explains why there are two packages on the Microsoft Download Center pages for affected editions of Windows Server 2003, Windows Server 2008, and Windows Vista. The additional package (3037639) is not needed to be protected from the vulnerabilities addressed by the 3013455 update; it simply corrects a text quality problem that some customers experienced after installing the 3013455 update on the indicated systems.
Summary: This security update resolves six privately reported vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. To exploit the vulnerability an attacker would need to convince a user to open a specially crafted document or visit an untrusted website that contains embedded TrueType Fonts.

Link

Other versions

 

TOP