Summary
This security update resolves vulnerabilities in Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts. Microsoft Security Bulletin MS15-097.
To learn more about the vulnerability, seeMore Information
Important
-
All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
-
If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
Additional information about this security update
The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.
-
2910994 MS15-097: Description of the security update for Skype for Business 2016: September 30, 2015
-
3086255 MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015
-
3087039 MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015
-
3087135 MS15-097: Description of the security update for the graphics component in Windows Vista and Windows Server 2008: September 8, 2015
-
3085546 MS15-097: Description of the security update for the 2007 Microsoft Office Suite: September 8, 2015
-
3085529 MS15-097: Description of the security update for Office 2010: September 8, 2015
-
3085500 MS15-097: Description of the security update for Microsoft Lync 2013 (Skype for Business): September 8, 2015 Known issues in security update 3085500:
3099414 You can't record after you install MS15-097 for Lync 2013 (Skype for Business)
-
3081087 MS15-097: Description of the security update for Lync 2010: September 8, 2015
-
3081088 MS15-097: Description of the security update for Lync 2010 Attendee (user-level installation): September 8, 2015
-
3081089 MS15-097: Description of the security update for Lync 2010 Attendee (administrator-level installation): September 8, 2015
-
3081090 MS15-097: Description of the security update for Live Meeting Console: September 8, 2015
-
3081091 MS15-097: Description of the security update for Live Meeting Conferencing Add-in: September 8, 2015
How to obtain and install the update
Method 1: Windows Update
This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, seeGet security updates automatically. Note For Windows RT and Windows RT 8.1, this update is available through Windows Update only.
You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.Microsoft Security Bulletin MS15-097 that corresponds to the version of Windows that you are running.
Click the download link inMore Information
Windows Vista (all editions)Reference Table
The following table contains the security update information for this software.
Security update file names |
For all supported 32-bit editions of Windows Vista: Windows6.0-KB3087039-x86.msu Windows6.0-KB3087135-x86.msu |
For all supported x64-based editions of Windows Vista: Windows6.0-KB3087039-x64.msu Windows6.0-KB3087135-x64.msu |
|
Installation switches |
|
Restart requirement |
Yes, you must restart your system after you apply this security update. |
Removal information |
WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates. |
File information |
|
Registry key verification |
Note A registry key does not exist to validate the presence of this update. |
Windows Server 2008 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file names |
For all supported 32-bit editions of Windows Server 2008: Windows6.0-KB3087039-x86.msu Windows6.0-KB3087135-x86.msu |
For all supported x64-based editions of Windows Server 2008: Windows6.0-KB3087039-x64.msu Windows6.0-KB3087135-x64.msu |
|
For all supported Itanium-based editions of Windows Server 2008: Windows6.0-KB3087039-ia64.msu Windows6.0-KB3087135-ia64.msu |
|
Installation switches |
|
Restart requirement |
Yes, you must restart your system after you apply this security update. |
Removal information |
WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates. |
File information |
|
Registry key verification |
Note A registry key does not exist to validate the presence of this update. |
Windows 7 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file name |
For all supported 32-bit editions of Windows 7: Windows6.1-KB3087039-x86.msu |
For all supported x64-based editions of Windows 7: Windows6.1-KB3087039-x64.msu |
|
Installation switches |
|
Restart requirement |
Yes, you must restart your system after you apply this security update. |
Removal information |
To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates. |
File information |
|
Registry key verification |
Note A registry key does not exist to validate the presence of this update. |
Windows Server 2008 R2 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file name |
For all supported x64-based editions of Windows Server 2008 R2: Windows6.1-KB3087039-x64.msu |
For all supported Itanium-based editions of Windows Server 2008 R2: Windows6.1-KB3087039-ia64.msu |
|
Installation switches |
|
Restart requirement |
Yes, you must restart your system after you apply this security update. |
Removal information |
To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates. |
File information |
|
Registry key verification |
Note A registry key does not exist to validate the presence of this update. |
Windows 8 and Windows 8.1 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file name |
For all supported 32-bit editions of Windows 8: Windows8-RT-KB3087039-x86.msu |
For all supported x64-based editions of Windows 8: Windows8-RT-KB3087039-x64.msu |
|
For all supported 32-bit editions of Windows 8.1: Windows8.1-KB3087039-x86.msu |
|
For all supported x64-based editions of Windows 8.1: Windows8.1-KB3087039-x64.msu |
|
Installation switches |
|
Restart requirement |
Yes, you must restart your system after you apply this security update. |
Removal information |
To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates. |
File information |
|
Registry key verification |
Note A registry key does not exist to validate the presence of this update. |
Windows Server 2012 and Windows Server 2012 R2 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file name |
For all supported editions of Windows Server 2012: Windows8-RT-KB3087039-x64.msu |
For all supported editions of Windows Server 2012 R2: Windows8.1-KB3087039-x64.msu |
|
Installation switches |
|
Restart requirement |
Yes, you must restart your system after you apply this security update. |
Removal information |
To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates. |
File information |
|
Registry key verification |
Note A registry key does not exist to validate the presence of this update. |
Windows RT and Windows RT 8.1 (all editions)Reference Table
The following table contains the security update information for this software.
Deployment |
These updates are available via Windows Update only. |
Restart Requirement |
Yes, you must restart your system after you apply this security update. |
Removal Information |
Click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates. |
File Information |
Windows 10 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file name |
For all supported 32-bit editions of Windows 10: KB3081455 -Win10-RTM-X86-TSL.msu |
For all supported x64-based editions of Windows 10: KB3081455 -Win10-RTM-X64-TSL.msu |
|
Installation switches |
|
Restart requirement |
Yes, you must restart your system after you apply this security update. |
Removal information |
To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates. |
File information |
|
Registry key verification |
Registry keys do not exist to validate the presence of these updates. |
Microsoft Office 2007 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file name |
For all supported editions of Microsoft Office 2007: ogl2007-kb3085546-fullfile-x86-glb.exe |
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base Article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
Use Add or Remove Programs item in Control Panel. |
File information |
|
Registry key verification |
Not applicable |
Microsoft Office 2010 (all editions)Reference Table
The following table contains the security update information for this software.
Security update file name |
For all supported editions of Microsoft Office 2010 (32-bit editions): ogl2010-kb3085529-fullfile-x86-glb.exe |
For all supported editions of Microsoft Office 2010 (64-bit editions): ogl2010-kb3085529-fullfile-x64-glb.exe |
|
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base Article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
Use Add or Remove Programs item in Control Panel. |
File information |
|
Registry key verification |
Not applicable |
Microsoft Live Meeting 2007, Microsoft Lync 2010, Microsoft Lync 2010 Attendee, Microsoft Lync 2013 (Skype for Business), Microsoft Lync Basic 2013 (Skype for Business Basic), and Skype for Business 2016
Reference Table The following table contains the security update information for this software.
Security update file name |
For Microsoft Live Meeting 2007 Console (3081090): LMSetup.exe |
For Microsoft Lync 2010 (32-bit) (3081087): lync.msp |
|
For Microsoft Lync 2010 (64-bit) (3081087): lync.msp |
|
For Microsoft Lync 2010 Attendee (user level install) (3081088): AttendeeUser.msp |
|
For Microsoft Lync 2010 Attendee (admin level install) (3081089): AttendeeAdmin.msp |
|
For all supported editions of Microsoft Lync 2013 (Skype for Business) (32-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (32-bit): lync2013-kb3085500-fullfile-x86-glb.exe |
|
For all supported editions of Microsoft Lync 2013 (Skype for Business) (64-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (64-bit): lync2013-kb3085500-fullfile-x64-glb.exe |
|
For Skype for Business 2016 (32-bit editions): lync2016-kb2910994-fullfile-x86-glb.exe |
|
For Skype for Business 2016 (64-bit editions): lync2016-kb2910994-fullfile-x64-glb.exe |
|
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base Article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal Information |
Use Add or Remove Programs item in Control Panel. |
File Information |
For Microsoft Live Meeting 2007 Console:Microsoft Knowledge Base Article 3081090 See |
For all supported editions of Microsoft Lync 2010:Microsoft Knowledge Base Article 3081087 See |
|
For Microsoft Lync 2010 Attendee (user level install):Microsoft Knowledge Base Article 3081088 See |
|
For Microsoft Lync 2010 Attendee (admin level install):Microsoft Knowledge Base Article 3081089 See |
|
For Microsoft Link 2013 (Skype for Business) and Microsoft Link Basic 2013 (Skype for Business Basic):Microsoft Knowledge Base Article 3085500 See |
|
For Skype for Business 2016:Microsoft Knowledge Base Article 2910994 See |
|
Registry Key Verification |
For Microsoft Live Meeting 2007 Console: Not applicable |
For Microsoft Lync 2010 (32-bit): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22} Version = 7577.4478 |
|
For Microsoft Lync 2010 (64-bit): HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22} Version = 7577.4478 |
|
For Microsoft Lync 2010 Attendee (admin level install): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\94E53390F8C13794999249B19E6CFE33\InstallProperties\DisplayVersion = 4.0.7577.4478 |
|
For Microsoft Lync 2010 Attendee (user level install): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22} Version = 7577.4478 |
|
For Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic): Not applicable |
|
For Skype for Business 2016: Not applicable |
File name |
SHA1 hash |
SHA256 hash |
---|---|---|
lync.exe (x64) |
FF5F11E2F1ECD9847F397B08FA12CC6D09507B46 |
F417E550187925642CE0DB5DE1ACF41B75D9C32E5386D96B0F484CD04241E547 |
lync.exe (x86) |
CA324F246939D5DCF99BC1FC0C6E8AC70D54DE2E |
D074B515DC43F78EC5AC42C68BAFBE0E57DFEDA48ADF7C6C725BC615D873322C |
AttendeeAdmin.msp |
6D0A6BBD161E956C60474F7331F8DC991916D8F4 |
DE3E353FE6A44E4CB187A2D5D954B017F7330D8B3514D13BF774D387CEF4B308 |
AttendeeUser.msp |
127B8CB80DA59F951C642A904657B13294EF47FB |
4BE75AFB7A64203869061F9EB8848D6985E58FDB3BF27EA101976F332CD31CD2 |
ConfAddins_Setup_x64.exe |
046CD78DB54A0C567F94550C303718EB79D8E962 |
8092F771E27E59852A913ECEFEC4B9BABDA62D6BB96699661678749EC512770F |
ConfAddins_Setup_x86.exe |
091C0ADFEA56715E2AD29C8EC590423F0BDCFDA4 |
430FF247838599CBDC7215CE6AC2FD0CBDFC1D603C489C4795B0571F242B9C35 |
LMSetup.exe |
95A4736FE7B3CB59DCEEE52462E563FA049ECA18 |
26CE4BB7F01AB938E89FE230ED2AFDA26E265360B971716E661822CAC52CD0EA |
Lync_x64.msp |
B3158DAA903A2B2422CBDED0E362998BF5E36F0F |
12B86A62BF609398686A103CE297A0592EB334A6CBB6A41EC193E629DF6D68A2 |
Lync_x86.msp |
8335902DB69204BB66EB408348607EB7EC3A09E4 |
E4BB57996C78AA02AB519D3BB85C29AC82AD79655BA71E780E6413133B171B8B |
lync2013-kb3085500-fullfile-x64-glb.exe |
B4EAF60A666306CF800CB63502BCCB86E03896C4 |
CDBDEF88A99D24690EFAA7DE514E5CC8D6AACFF19A08E43D6615EF92C8C0052A |
lync2013-kb3085500-fullfile-x86-glb.exe |
9FC79523CDEB6942C14B2707A90DCD1A14774FEB |
BCC2B7A59C282D20A846F13A44BF01F5EC30B94BFB52CA493F29E8DA3AEAD9E1 |
ogl2007-kb3085546-fullfile-x86-glb.exe |
44A7783A16E7CF7C144D3FCCDA18985B19EF040B |
B851075C8951AD6F90BC43A4EE7FC0B0B9C6087D74936EE78B3F4E93CF900F6B |
ogl2010-kb3085529-fullfile-x64-glb.exe |
D7BC27F9F6D1F2A4C13D81EAA253F2A97A1ECBF2 |
535DE61D75A1D967EF927CA614AF48F9AB1A740E2A5E5C00791261F9ACBFDE08 |
ogl2010-kb3085529-fullfile-x86-glb.exe |
6FC8B148094DB800D3A0C97ED791D0EC5CA9EE47 |
433D4B8E98197589330ECDBF6810520C1C627CDAF585B5563BFE25AF3397A288 |
Windows6.0-KB3087039-ia64.msu |
8F36FF2772342D8D4E14A44C1B58BE921CDCBC8C |
8758E713D9D514E68BF2B752A76CFD29873BE78DF927005BB3F192D123FBB8F5 |
Windows6.0-KB3087039-x64.msu |
3E8C363D5443E350175570C05CA235911C5230D6 |
AAB19ADAF4BD94AB730ED5E43F86F412E1EE61B06762E2E3245C0D11639E552F |
Windows6.0-KB3087039-x86.msu |
713236A1DF235EB0A293BA9909A8842CA2F79C0B |
85F8E4F5182D68A230CFA41BEF2751482E281A28A3EE5B4D34DBCEC07122ACE3 |
Windows6.0-KB3087135-ia64.msu |
4ADBFF498853C8D6E6AE762E111E19B3F03AE29E |
7873293F9ACEAC438D6F728BC5330776793D6B6A033090FA278EEC03C1E71811 |
Windows6.0-KB3087135-x64.msu |
ED5D03BA983A7DB39E0CAFDDE4E534D1374C0575 |
AD76C99F4DFE28866D70F4347C126B5B105004DA105C9B54060F8BA3DA3759D1 |
Windows6.0-KB3087135-x86.msu |
A10F423A7322C3A95DFBE6AF35AC3295B265E15B |
B46B26251DF06203E8B82261664512B9C14498BD41037B7B611ADD0D19DF1119 |
Windows6.1-KB3087039-ia64.msu |
7DFB1638064AA5BE66C81094F3FDFCC5234581F9 |
59AB9DA2BDECC7BF52F46BE0B62EEA41B70AFFBCFA147EC21E3B2F6158BDB161 |
Windows6.1-KB3087039-x64.msu |
84E034E020F101D36398C0AD70813BDB8FE3A84C |
16965BF8F99EA956E0B0D70009342F9713ADF32AAB87B97A358670C07F14EC2D |
Windows6.1-KB3087039-x86.msu |
6B7052D39CBB7AA4CE8EB4C14D833B08080ACC15 |
0C89018F35B8DCCFE3C0F6563F82F39FA282DE96D5C4B0A75B64162F13F3053E |
Windows8.1-KB3087039-arm.msu |
219CA9917C0BA4FD2DC5A69ADD822E872E2F296C |
06625E8872A438B4E6A7A944CC1E529AD080030879A102545177EF9F26A85AB9 |
Windows8.1-KB3087039-x64.msu |
4508EE0F43205300494BAFC69A1ADC472D7370CE |
377CD16A8376411874B4F2E1B24A38E7771C53B2C0A71514D61E25F50C48BDE6 |
Windows8.1-KB3087039-x86.msu |
9CBAA6974A4E404C235F0A7F55B80D60A38CF78C |
E78C18974E7EA303B4825CA24A6CDBE7D2BC06004C946915217776369D85DD6D |
Windows8-RT-KB3087039-arm.msu |
CC0E460E4511EAA68266D9EBD7546924F2D872C5 |
A03A3782CF6BF49629B5CFDEDFA32D2A5EAA6EDB8812899A8169665BDAEF76CA |
Windows8-RT-KB3087039-x64.msu |
AE850C9EB9BF6306DD7941A181557E2A4B4C9BBC |
9F1B486D8B0B5A24FBFAC157AEE5949017F44F75FD5BB5EA16611F34EFDB09CB |
Windows8-RT-KB3087039-x86.msu |
A1496FA1E05826E65A7C13CC95656E5E06266AFA |
34AD992D8304E8CC363D87EEFE775D262051E6E0A588384B22D764AE73705553 |
Help for installing updates: Support for Microsoft Update Security solutions for IT professionals: TechNet Security Troubleshooting and Support Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center Local support according to your country: International Support