Here's something new: Microsoft's changed the way they number their bulletins. The previous model used security bulletin ID numbers; this method is being retired, and the new security bulletins will be identified by vulnerability ID numbers and KB Article ID numbers.

So we'll be changing how we present the information. We will sort the security updates by application and by operating system. You can scan through for the ones that affect you, then decide which ones you want or need to install.


Windows Vista (all editions)

Microsoft Knowledge Base Article 4014652 — An information disclosure vulnerability exists within the open-source libjpeg image-processing library where it fails to properly handle objects in memory. To exploit this vulnerability, an attacker could convince a user to run a specially crafted application. The security update addresses the vulnerability by correcting how libjpeg handles objects in memory.

Microsoft Knowledge Base Article 4014793 — This update addresses the vulnerability by correcting the way that Microsoft Office and WordPad parse specially crafted files, and by enabling API functionality in Windows that Microsoft Office and WordPad will leverage to resolve the identified issue.

Microsoft Knowledge Base Article 4014794 — An attacker could use an ASLR bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, that could take advantage of the ASLR bypass to run arbitrary code. To exploit this vulnerability, an attacker could convince a user to run a specially crafted application. The security update addresses the vulnerability by correcting how libjpeg handles objects in memory.

Microsoft Knowledge Base Article 4015067 — A remote code execution vulnerability exists in the way that the VBScript engine, when rendered in Internet Explorer, handles objects in memory. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. The update addresses the vulnerability by modifying how the VBScript scripting engine handles objects in memory.

Microsoft Knowledge Base Article 4015068 — An elevation of privilege vulnerability exists when LDAP request buffer lengths are improperly calculated. The update addresses the vulnerability by correcting how LDAP request buffer lengths are calculated.

Microsoft Knowledge Base Article 4015195 — A Win32k information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how win32k handles objects in memory.

Microsoft Knowledge Base Article 4015380 — An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how ATMFD.dll handles objects in memory.

Microsoft Knowledge Base Article 4015383 — This security update addresses an information disclosure vulnerability that exists within the open-source libjpeg image-processing library. It fails to properly handle objects in memory, allowing an attacker to retrieve information that could lead to an Address Space Layout Randomization (ASLR) bypass.

Microsoft Knowledge Base Article 4017018 — This security update replaces the previously released security updates MS17-011 and MS17-013.


Internet Explorer

Microsoft Knowledge Base Article 4015551 — This security update includes improvements and fixes that were a part of update KB4012220 (released March 21, 2017) and also resolves security vulnerabilities in Internet Explorer, Scripting Engine, Hyper-V, Win32K, Adobe Type Manager Font Driver, Microsoft Outlook, Graphics component, Lightweight Directory Access Protocol and Windows OLE.


Microsoft Office 2007 (all editions) and Other Software

Microsoft Knowledge Base Article 3141529 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source)

Microsoft Knowledge Base Article 3191827 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created." (source)

Microsoft Knowledge Base Article 3191829 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists when Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source)

Microsoft Knowledge Base Article 3127890 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source) "A security feature bypass vulnerability exists in Microsoft Office software when the Office software improperly handles the parsing of file formats." (source)

Microsoft Knowledge Base Article 3191830 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created." (source)


Microsoft Office 2010 (all editions)

Microsoft Knowledge Base Article 3141538 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source)

Microsoft Knowledge Base Article 3191847 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created." (source)

Microsoft Knowledge Base Article 2589382 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists when Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source)

Microsoft Knowledge Base Article 3118388 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source) "A security feature bypass vulnerability exists in Microsoft Office software when the Office software improperly handles the parsing of file formats." (source)


Microsoft Office 2013 (all editions)

Microsoft Knowledge Base Article 3178710 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

Microsoft Knowledge Base Article 3172519 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities do these updates fix? "A security feature bypass vulnerability exists in Microsoft Office software when the Office software improperly handles the parsing of file formats." (source) "A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system." (source)


Microsoft Office 2013 RT (all editions)

Microsoft Knowledge Base Article 3172542 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

Microsoft Knowledge Base Article 3172464 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities do these updates fix? "The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user." (source)


Microsoft Office 2016 (all editions)

Microsoft Knowledge Base Article 3178703 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights … The update addresses the vulnerability by correcting the way that Microsoft Office and WordPad parses specially crafted files, and by enabling API functionality in Windows that Microsoft Office and WordPad will leverage to resolve the identified issue." (source)

Microsoft Knowledge Base Article 3178702 — Microsoft has released an update for Microsoft Office that turns off the Encapsulated PostScript (EPS) Filter in Office by default, as a defense-in-depth measure.

Microsoft Knowledge Base Article 3178664 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system." (source) "A security feature bypass vulnerability exists in Microsoft Office software when the Office software improperly handles the parsing of file formats." (source)


Microsoft Office Web Apps 2010 (all versions)

Microsoft Knowledge Base Article 3101522 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

Microsoft Knowledge Base Article 3191845 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities do these two updates fix? "An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Office Web Apps server. The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the victim, such as change permissions, delete content, steal sensitive information (such as browser cookies), and inject malicious content in the browser of the victim." (source)


Microsoft Office Web Apps 2013 (all versions)

Microsoft Knowledge Base Article 3178725 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "An elevation of privilege vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Office Web Apps server. The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user." (source)