-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ******************************************************************** Title: Microsoft Security Bulletin Releases Issued: October 13, 2015 ******************************************************************** Summary ======= The following bulletins have undergone a major revision increment. * MS15-046 - Important * MS15-081 - Critical * MS15-099 - Critical * MS15-MAY * MS15-AUG * MS15-SEP Bulletin Information: ===================== MS15-046 - Important - Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181) - https://technet.microsoft.com/library/security/ms15-046 - Reason for Revision: V4.0 (October 13, 2015): Revised bulletin to announce the availability of a new update (3085544) for Microsoft Office 2007 that addresses issues with the previously-released update (2965282). Customers running Microsoft Office 2007 are encouraged to install update 3085544 at the earliest opportunity to be fully protected from the vulnerability discussed in this bulletin. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3085544 for more information and download links. - Originally posted: May 15, 2015 - Updated: October 13, 2015 - Bulletin Severity Rating: Important - Version: 4.0 MS15-081 - Critical - Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790) - https://technet.microsoft.com/library/security/ms15-081 - Reason for Revision: V3.0 (October 13, 2015): Revised bulletin to announce the availability of update packages for Microsoft Office 2016, Microsoft Visio 2016, and Microsoft Word 2016. Customers running Microsoft Office 2016, Microsoft Visio 2016, or Microsoft Word 2016 should apply the applicable updates to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the updates will be downloaded and installed automatically. - Originally posted: August 11, 2015 - Updated: October 13, 2015 - Bulletin Severity Rating: Critical - Version: 3.0 MS15-099 - Critical - Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664) - https://technet.microsoft.com/library/security/ms15-099 - Reason for Revision: V4.0 (October 13, 2015): Revised bulletin to announce the availability of an update package for Microsoft Excel 2016. Customers running Microsoft Excel 2016 should apply update 2920693 to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically. - Originally posted: September 8, 2015 - Updated: October 13, 2015 - Bulletin Severity Rating: Critical - Version: 4.0 MS15-MAY - Title: Microsoft Security Bulletin Summary for May 2015 - https://technet.microsoft.com/library/security/ms15-may.aspx - Reason for Revision: V2.0 (October 13, 2015): For MS15-046, revised Bulletin Summary to announce the availability of a new update (3085544) for Microsoft Office 2007 that addresses issues with the previously-released update (2965282). Customers running Microsoft Office 2007 are encouraged to install update 3085544 at the earliest opportunity to be fully protected from the vulnerability discussed in this bulletin. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3085544 for more information and download links. - Originally posted: May 12, 2015 - Updated: October 13, 2015 - Version: 2.0 MS15-AUG - Title: Microsoft Security Bulletin Summary for August 2015 - https://technet.microsoft.com/library/security/ms15-aug.aspx - Reason for Revision: V3.0 (October 13, 2015): For MS15-081, revised Bulletin Summary to announce the availability of update packages for Microsoft Office 2016, Microsoft Visio 2016, and Microsoft Word 2016. Customers running Microsoft Office 2016, Microsoft Visio 2016, or Microsoft Word 2016 should apply the applicable updates to be protected from the vulnerabilities discussed in MS15-081. The majority of customers have automatic updating enabled and will not need to take any action because the updates will be downloaded and installed automatically. - Originally posted: August 11, 2015 - Updated: October 13, 2015 - Version: 3.0 MS15-SEP - Title: Microsoft Security Bulletin Summary for September 2015 - https://technet.microsoft.com/library/security/ms15-sep.aspx - Reason for Revision: V3.0 October 13, 2015): For MS15-099, revised Bulletin Summary to announce the availability of an update package for Microsoft Excel 2016. Customers running Microsoft Excel 2016 should apply update 2920693 to be protected from the vulnerabilities discussed in MS15-099. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically. - Originally posted: September 8, 2015 - Updated: October 13, 2015 - Version: 3.0 Other Information ================= Recognize and avoid fraudulent email to Microsoft customers: ============================================================= If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email. The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at . ******************************************************************** THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. ******************************************************************** Microsoft respects your privacy. Please read our online Privacy Statement at . If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe: . These settings will not affect any newsletters you’ve requested or any mandatory service communications that are considered part of certain Microsoft services. For legal Information, see: . This newsletter was sent by: Microsoft Corporation 1 Microsoft Way Redmond, Washington, USA 98052 -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8 wsFVAwUBVhw5BL8Fv/Q6pUnlAQggMA/8C5D5vwBvjlSn2YF9Lc73BezSS2UU5W5K oLVqjc5PBFhDCL7++/yxEsk8/D6fpcG+K2EbKTYHR6fdNeJIbu03n10yaxrzZ2KU EA3bATa+4JBM5R44iaBNxER0OaIca4Shbw4729QL30ZFOAcFwlPApnGOnROlphv5 gjpZxtU4ooEDW9Mybcmb9CvIb67NG9UmWsd9L2VBPB8PtW/d4Z4zBVFgYPNvOzJT 9BtLkKBQLd/fl5i/I03nsGao1RoqyKn+kp37XcEWVuPzqTZW8s6AX0gV5r3DzGQg rEWJ6G8uMxst9CFxnyhn0t8poB2YJZFVkKytSTGfVNLxYleoyl6MTgniwxiE/cG5 Csz4wPzj6A1pZbAVc0xfXNq9RRCo0xCVxUP2ae0r3z7USHMIktwjiDrMljDqIjum 81R3ydFlV6EEj3y7LkwTEgnmvLYV+5zfta0TVb7G2KW7a+NRU1dRdIX5I/+J8Cuz JDu+GMq8sYGkM4Kxc85/RFdu2dsB82TbQvMV97hnL420fD2EJq6wT7e5vDc5u41d kLpfJvCfLvPXI5r5H9+5Sn2lj13T7AfjFOjioPZxZMAF9IDqpd26e7xlB9IACsh9 O3Kh2Io7xdzex0K2p7Hp0nPaamfRctNw20ZpY6vVfO8yp+hLC2ryj76RQXWDqdvG 9UN4t1KF5BU= =RvsS -----END PGP SIGNATURE-----