MS16-001 - Cumulative Security Update for Internet Explorer

Bulletin ID: 

MS16-001

Severity: 

Critical

Description: 

Severity Rating: Critical
Revision Note: V1.1 (February 19, 2016): In the Affected Software table, removed the severity and impact entries for Internet Explorer on all applicable versions of Microsoft Windows. Internet Explorer 7 is not affected by the vulnerabilities discussed in this bulletin; however, customers running Internet Explorer 7 will still be offered the 3124275 update. Microsoft recommends that customers install update 3124275 on systems that are running Internet Explorer 7 to receive the applicable non-security fixes listed in Microsoft Knowledge Base Article 3124275. This is an informational change only.
Summary: This security update resolves vulnerabilities in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Security advisory: 

Related content