Microsoft Security Bulletin(s) for May 12 2015

[NICK ADSL UK]

Microsoft Security Bulletin(s) for May 12 2015

Note: There may be latency issues due to replication, if the page does not display keep refreshing
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
https://technet.microsoft.com/en-us/library/security/ms15-may.aspx

Critical (3)
Cumulative Security Update for Internet Explorer (3049563)
Microsoft Security Bulletin MS15-043 - Critical

Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110)
Microsoft Security Bulletin MS15-044 - Critical

Vulnerability in Windows Journal Could Allow Remote Code Execution (3046002)
Microsoft Security Bulletin MS15-045 - Critical

Important (10)
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
Microsoft Security Bulletin MS15-046 - Important

Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (3058083)
Microsoft Security Bulletin MS15-047 - Important

Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)
Microsoft Security Bulletin MS15-048 - Important

Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985)
Microsoft Security Bulletin MS15-049 - Important

Vulnerability in Service Control Manager Could Allow Elevation of Privilege (3055642)
Microsoft Security Bulletin MS15-050 - Important

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191)
Microsoft Security Bulletin MS15-051 - Important

Vulnerability in Windows Kernel Could Allow Security Feature Bypass (3050514)
Microsoft Security Bulletin MS15-052 - Important

Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263)
Microsoft Security Bulletin MS15-053 - Important

Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service (3051768
Microsoft Security Bulletin MS15-054 - Important

Vulnerability in Schannel Could Allow Information Disclosure (3061518
http://go.microsoft.com/fwlink/?LinkId=536690
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.
As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

 

[robertc]

This morning I only saw two Optional updates, and neither of them are in the list above. I usually am notified of all the updates in their list. Is that normal?? The only ones I see are 3022345 and 3048761.

I have Windows 7 Home and IE9.

Also don't they release the Malicious Software thing every month?

 

[robertc]

This morning I only saw two Optional updates, and neither of them are in the list above. I usually am notified of all the updates in their list. Is that normal?? The only ones I see are 3022345 and 3048761.

I have Windows 7 Home and IE9.

Also don't they release the Malicious Software thing every month?

Oops, I just did a manual Check for Updates and 17 Updates now appear. One of the two Optional ones is not there any more.

 

[Seffrid]

Usually I do get the Malicious Software Removal Tool as part of the updates package, but last month it was only included on one machine and didn't appear on the other one until I had installed all the updates (although one of them failed but installed ok on its own).

Those two optional updates were offered before today, they were part of a batch offered around the end of April as I recall. I haven't installed any of that batch yet as they were showing as optional and I was awaiting further advice on them. Are you sure the two missing ones aren't in the optional section?

 

[Scottyboy99]

All installed. Everything seems to be ticking along ok. It was a big one, 30 of them. Phew, glad it's over!