MS15-097 - Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution

Bulletin ID: 

MS15-097

Severity: 

Critical

Description: 

Severity Rating: Critical
Revision Note: V2.1 (October 7, 2015): Added a footnote to the Microsoft Communication Platforms and Software table and an Update FAQ to explain that customers running affected editions of Microsoft Lync 2013 (Skype for Business) must install prerequisite updates before installing the 3085500 security update. See the Update FAQ for more information.
Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.

Security advisory: 

Related content