MS15-040 - Security Update for Microsoft XML Core Service to Address Remote Code Execution

Bulletin ID: 

MS15-040

Severity: 

Critical

Description: 

Severity Rating: Critical
Revision Note: V1.0 (April 12, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow code execution if a user clicks a specially crafted link that could allow an attacker to run malicious code remotely to take control of the user’s system. However, in all cases an attacker would have no way to force users to click a specially crafted link. An attacker would have to convince users to click the link, typically by way of an enticement in an email or Instant Messenger message.

Security advisory: 

Related content