Home / bulletins MS15-053 - Important: Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263) - Version: 1.1
Posted on 14 May 2015
ImportantSeverity Rating: Important
Revision Note: V1.1 (May 13, 2015): Revised bulletin to correct the updates replaced for Windows Server 2008 R2 (Server Core installation). This is an informational change only. There were no changes to the update files. Customers who have already successfully updated their systems do not need to take any action..
Summary: This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows. An attacker could use an ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, that could take advantage of the ASLR bypass to run arbitrary code. For example, a remote code execution vulnerability that is blocked by ASLR could be exploited after a successful ASLR bypass.Other versions
- MS15-053 - Version: 1.0
- MS15-053 - Version: 1.1
