Home / bulletins MS15-129 - Critical: Security Update for Silverlight to Address Remote Code Execution (3106614) - Version: 1.0
Posted on 09 December 2015
CriticalSeverity Rating: Critical
Revision Note: V1.0 (December 8, 2015): Click here to enter text.
Summary: This security update resolves vulnerabilities in Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if Microsoft Silverlight incorrectly handles certain open and close requests that could result in read- and write-access violations. To exploit the vulnerability, an attacker could host a website that contains a specially crafted Silverlight application and then convince a user to visit a compromised website. The attacker could also take advantage of websites containing specially crafted content, including those that accept or host user-provided content or advertisements.