MS15-080: Description of the security update for Silverlight 5: August 11, 2015


This security update resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded TrueType or OpenType fonts. To learn more about this vulnerability, see Microsoft Security Bulletin MS15-080.

Improvements included in this update

In addition to the vulnerabilities fixed that are by this security update, the update also includes functional, performance, reliability, and security improvements. This security update is backward-compatible with web applications that were created for earlier versions of Silverlight. This security update also includes the following improvements and fixes the following issues:
  • Issue 1

    Fixes an issue in the Silverlight 64-bit runtime that causes some applications to crash on Internet Explorer 11.

  • Issue 2

    Updates the Macintosh installer to successfully install on OS X systems that have Gatekeeper security enabled.

  • Issue 3

    Updates the Windows manual installer to include options to set MSN as your default homepage and Bing as your default search engine. Automated installations and upgrades of Silverlight (for example, installations and upgrades performed by Microsoft Update and WSUS) do not use the Silverlight installer user interface and do not offer to change your homepage or search engine.

Changes in this update

The Macintosh update does not install on OS X 10.5 (Leopard).

How to obtain and install this update

Method 1: Microsoft Update and WSUS

This update is available through Windows Update for users enrolled in Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

This update is also available through WSUS. If an earlier version of Silverlight is installed on the computer, this security update is offered as Security Update for Microsoft Silverlight (KB 3080333).

Method 2: Microsoft Silverlight site

The Silverlight installer includes all previous updates in addition to this security update. To install the latest version of Silverlight, go to the Get Microsoft Silverlight website.

Update deployment information

For deployment information about this update, see Microsoft Knowledge Base Article 3078662 .

Update replacement information

This update replaces previously released update 3056819 .