MS15-129: Security update for Silverlight to address remote code execution: December 8, 2015

Summary

This security update resolves vulnerabilities in Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if Microsoft Silverlight incorrectly handles certain open and close requests that could result in read and write access violations. To exploit the vulnerability, an attacker could host a website that contains a specially crafted Silverlight application and then convince a user to visit a compromised website. The attacker could also take advantage of websites that contain specially crafted content that accept or host user-provided content or advertisements.

An attacker would be unable to force users to visit a compromised website. Instead, an attacker would have to convince a user to take action, such as clicking a link that takes the user to the attacker's website.

To learn more about the vulnerability, see Microsoft Security Bulletin MS15-129.

More Information

Important
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see
Get security updates automatically.
Method 2: Microsoft Download Center

More Information

Security update deployment information
File hash information
File information
How to obtain help and support for this security update
Ιδιότητες

Αναγνωριστικό άρθρου: 3106614 - Τελευταία αναθεώρηση: 8 Δεκ 2015 - Αναθεώρηση: 1

Σχόλια