MS15-100 - Vulnerability in Windows Media Center Could Allow Remote Code Execution

Bulletin ID: 

MS15-100

Severity: 

Important

Description: 

Severity Rating: Important
Revision Note: V1.0 (September 8, 2015): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Security advisory: 

Related content