Severity Rating: Important
Revision Note: V1.0 (September 13, 2016): Click here to enter text.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a target system.

Severity Rating: Critical
Revision Note: V1.0 (September 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In libraries that are built into Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.

Revision Note: V1.0 (September 13, 2016): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.0.0. This advisory also provides guidance on what developers can do to help ensure that their applications are updated correctly.

Severity Rating: Important
Revision Note: V1.0 (September 13, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Windows Secure Kernel Mode improperly handles objects in memory.

Severity Rating: Important
Revision Note: V1.0 (September 13, 2016): Bulletin published.
Summary: This security update resolves multiple vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker creates a specially crafted request and executes arbitrary code with elevated permissions on a target system.

Severity Rating: Critical
Revision Note: V1.0 (September 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Severity Rating: Critical
Revision Note: V1.0 (August 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, and Microsoft Lync. The vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Severity Rating: Important
Revision Note: V1.0 (August 9, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker installs an affected boot manager and bypasses Windows security features.

Severity Rating: Important
Revision Note: V1.0 (August 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

Severity Rating: Important
Revision Note: V1.0 (August 9, 2016): Bulletin published.
Summary: This security update resolves multiple vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system.