Severity Rating: Critical
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Severity Rating: Important
Revision Note: V1.0 (February 9, 2016): Click here to enter text.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to visit a malicious website.

Severity Rating: Important
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The more severe of the vulnerabilities could cause denial of service if an attacker insert specially crafted XSLT into a client-side XML web part, causing the server to recursively compile XSLT transforms.

Severity Rating: Critical
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Edge. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Severity Rating: Important
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow denial of service if an attacker sends certain input data during forms-based authentication to an ADFS Server, causing the server to become nonresponsive.

Severity Rating: Important
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker uses the Microsoft Web Distributed Authoring and Versioning (WebDAV) client to improperly validate input.

Revision Note: V1.0 (February 9, 2016): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of Visual Studio 2013, Visual Studio 2015, ASP.NET MVC5, and ASP.NET MVC6. This advisory also provides guidance on what developers can do to help ensure that the controls and components that they have built are not subject to the vulnerability.

Severity Rating: Critical
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if Microsoft Windows PDF Library improperly handles application programming interface (API) calls, which could allow an attacker to run arbitrary code on the user’s system. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. However, an attacker would have no way to force users to download or open a malicious PDF document.

Revision Note: V1.0 (February 9, 2016): Bulletin Summary published.
Summary: This bulletin summary lists security bulletins released for January 2016.

Severity Rating: Critical
Revision Note: V1.0 (February 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows 10 Version 1511. For more information, see the Affected Software section. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge.