MS15-118 - Security Update for .NET Framework to Address Elevation of Privilege

Bulletin ID: 

MS15-118

Severity: 

Important

Description: 

Severity Rating: Important
Revision Note: V2.0 (February 9, 2016): Revised bulletin to announce the re-release of update 3098785 to address known issues, discussed in Microsoft Knowledge Base Article 3118750, that customers who are running Windows 8.1, Windows RT, or Windows Server 2012 R2 may have experienced after installing .NET Framework 4.6 on a machine that already has a fully-updated version of .NET Framework 4.5.x. Microsoft recommends that customers scan for new updates to download, and install the re-released update 3098785. For more information see Microsoft Knowledge Base Article 3118750.
Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if an attacker convinces a user to navigate to a compromised website or open a link in a specially crafted email that is designed to inject client-side code into the user’s browser.

Security advisory: 

Related content