Severity Rating: Important
Revision Note: V1.1 (January 27, 2016): 1) Added an Update FAQ to explain that only certain versions of aepic.dll are affected by CVE-2016-0018; therefore, some customers will not be offered update 3121461. 2) Added an Update FAQ to explain why some customers are not being offered update 3109560. These are informational change only. Customers who have already successfully installed the updates do not need to take any further action.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.