Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-097: Vulnerabilities in the Microsoft graphics component could allow remote code execution: September 8, 2015


View products that this article applies to.

Summary

This security update resolves vulnerabilities in Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts.

To learn more about the vulnerability, see Microsoft Security Bulletin MS15-097.

↑ Back to the top


More Information

Important
  • All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

↑ Back to the top


Additional information about this security update


The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.
  • 2910994 MS15-097: Description of the security update for Skype for Business 2016: September 30, 2015
  • 3086255 MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015
  • 3087039 MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015
  • 3087135 MS15-097: Description of the security update for the graphics component in Windows Vista and Windows Server 2008: September 8, 2015
  • 3085546 MS15-097: Description of the security update for the 2007 Microsoft Office Suite: September 8, 2015
  • 3085529 MS15-097: Description of the security update for Office 2010: September 8, 2015
  • 3085500 MS15-097: Description of the security update for Microsoft Lync 2013 (Skype for Business): September 8, 2015


    Known issues in security update 3085500:
    3099414 You can't record after you install MS15-097 for Lync 2013 (Skype for Business)
  • 3081087 MS15-097: Description of the security update for Lync 2010: September 8, 2015
  • 3081088 MS15-097: Description of the security update for Lync 2010 Attendee (user-level installation): September 8, 2015
  • 3081089 MS15-097: Description of the security update for Lync 2010 Attendee (administrator-level installation): September 8, 2015
  • 3081090 MS15-097: Description of the security update for Live Meeting Console: September 8, 2015
  • 3081091 MS15-097: Description of the security update for Live Meeting Conferencing Add-in: September 8, 2015

↑ Back to the top


How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see
Get security updates automatically.

Note For Windows RT and Windows RT 8.1, this update is available through Windows Update only.
Method 2: Microsoft Download Center
You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS15-097 that corresponds to the version of Windows that you are running.

↑ Back to the top


More Information

Security update deployment information

Windows Vista (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Vista:
Windows6.0-KB3087039-x86.msu
Windows6.0-KB3087135-x86.msu
For all supported x64-based editions of Windows Vista:
Windows6.0-KB3087039-x64.msu
Windows6.0-KB3087135-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045171
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file namesFor all supported 32-bit editions of Windows Server 2008:
Windows6.0-KB3087039-x86.msu
Windows6.0-KB3087135-x86.msu
For all supported x64-based editions of Windows Server 2008:
Windows6.0-KB3087039-x64.msu
Windows6.0-KB3087135-x64.msu
For all supported Itanium-based editions of Windows Server 2008:
Windows6.0-KB3087039-ia64.msu
Windows6.0-KB3087135-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationWUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045171
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 7 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 7:
Windows6.1-KB3087039-x86.msu
For all supported x64-based editions of Windows 7:
Windows6.1-KB3087039-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045171
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2008 R2 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported x64-based editions of Windows Server 2008 R2:
Windows6.1-KB3087039-x64.msu
For all supported Itanium-based editions of Windows Server 2008 R2:
Windows6.1-KB3087039-ia64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045171
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows 8 and Windows 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 8:
Windows8-RT-KB3087039-x86.msu
For all supported x64-based editions of Windows 8:
Windows8-RT-KB3087039-x64.msu
For all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3087039-x86.msu
For all supported x64-based editions of Windows 8.1:
Windows8.1-KB3087039-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045171
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported editions of Windows Server 2012:
Windows8-RT-KB3087039-x64.msu
For all supported editions of Windows Server 2012 R2:
Windows8.1-KB3087039-x64.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3045171
Registry key verificationNote A registry key does not exist to validate the presence of this update.

Windows RT and Windows RT 8.1 (all editions)

Reference Table

The following table contains the security update information for this software.
DeploymentThese updates are available via Windows Update only.
Restart RequirementYes, you must restart your system after you apply this security update.
Removal InformationClick Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates.
File InformationSee Microsoft Knowledge Base Article 3045171

Windows 10 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported 32-bit editions of Windows 10:
KB3081455 -Win10-RTM-X86-TSL.msu
For all supported x64-based editions of Windows 10:
KB3081455 -Win10-RTM-X64-TSL.msu
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementYes, you must restart your system after you apply this security update.
Removal informationTo uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates, and select from the list of updates.
File informationSee Microsoft Knowledge Base Article 3081091
Registry key verificationRegistry keys do not exist to validate the presence of these updates.

Microsoft Office 2007 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported editions of Microsoft Office 2007:
ogl2007-kb3085546-fullfile-x86-glb.exe
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 3085546
Registry key verificationNot applicable

Microsoft Office 2010 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor all supported editions of Microsoft Office 2010 (32-bit editions):
ogl2010-kb3085529-fullfile-x86-glb.exe
For all supported editions of Microsoft Office 2010 (64-bit editions):
ogl2010-kb3085529-fullfile-x64-glb.exe
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 3085529
Registry key verificationNot applicable

Microsoft Live Meeting 2007, Microsoft Lync 2010, Microsoft Lync 2010 Attendee, Microsoft Lync 2013 (Skype for Business), Microsoft Lync Basic 2013 (Skype for Business Basic), and Skype for Business 2016

Reference Table

The following table contains the security update information for this software.
Security update file nameFor Microsoft Live Meeting 2007 Console (3081090):
LMSetup.exe
For Microsoft Lync 2010 (32-bit) (3081087):
lync.msp
For Microsoft Lync 2010 (64-bit) (3081087):
lync.msp
For Microsoft Lync 2010 Attendee (user level install) (3081088):
AttendeeUser.msp
For Microsoft Lync 2010 Attendee (admin level install) (3081089):
AttendeeAdmin.msp
For all supported editions of Microsoft Lync 2013 (Skype for Business) (32-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (32-bit):
lync2013-kb3085500-fullfile-x86-glb.exe
For all supported editions of Microsoft Lync 2013 (Skype for Business) (64-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (64-bit):
lync2013-kb3085500-fullfile-x64-glb.exe
For Skype for Business 2016 (32-bit editions):
lync2016-kb2910994-fullfile-x86-glb.exe
For Skype for Business 2016 (64-bit editions):
lync2016-kb2910994-fullfile-x64-glb.exe
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal InformationUse Add or Remove Programs item in Control Panel.
File InformationFor Microsoft Live Meeting 2007 Console:
See Microsoft Knowledge Base Article 3081090
For all supported editions of Microsoft Lync 2010:
See Microsoft Knowledge Base Article 3081087
For Microsoft Lync 2010 Attendee (user level install):
See Microsoft Knowledge Base Article 3081088
For Microsoft Lync 2010 Attendee (admin level install):
See Microsoft Knowledge Base Article 3081089
For Microsoft Link 2013 (Skype for Business) and Microsoft Link Basic 2013 (Skype for Business Basic):
See Microsoft Knowledge Base Article 3085500
For Skype for Business 2016:
See Microsoft Knowledge Base Article 2910994
Registry Key VerificationFor Microsoft Live Meeting 2007 Console:
Not applicable
For Microsoft Lync 2010 (32-bit):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}
Version = 7577.4478
For Microsoft Lync 2010 (64-bit):
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}
Version = 7577.4478
For Microsoft Lync 2010 Attendee (admin level install):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\94E53390F8C13794999249B19E6CFE33\InstallProperties\DisplayVersion = 4.0.7577.4478
For Microsoft Lync 2010 Attendee (user level install):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}
Version = 7577.4478
For Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic):
Not applicable
For Skype for Business 2016:

Not applicable

File hash information
File nameSHA1 hashSHA256 hash
lync.exe (x64)FF5F11E2F1ECD9847F397B08FA12CC6D09507B46F417E550187925642CE0DB5DE1ACF41B75D9C32E5386D96B0F484CD04241E547
lync.exe (x86) CA324F246939D5DCF99BC1FC0C6E8AC70D54DE2ED074B515DC43F78EC5AC42C68BAFBE0E57DFEDA48ADF7C6C725BC615D873322C
AttendeeAdmin.msp6D0A6BBD161E956C60474F7331F8DC991916D8F4DE3E353FE6A44E4CB187A2D5D954B017F7330D8B3514D13BF774D387CEF4B308
AttendeeUser.msp127B8CB80DA59F951C642A904657B13294EF47FB4BE75AFB7A64203869061F9EB8848D6985E58FDB3BF27EA101976F332CD31CD2
ConfAddins_Setup_x64.exe046CD78DB54A0C567F94550C303718EB79D8E9628092F771E27E59852A913ECEFEC4B9BABDA62D6BB96699661678749EC512770F
ConfAddins_Setup_x86.exe091C0ADFEA56715E2AD29C8EC590423F0BDCFDA4430FF247838599CBDC7215CE6AC2FD0CBDFC1D603C489C4795B0571F242B9C35
LMSetup.exe95A4736FE7B3CB59DCEEE52462E563FA049ECA1826CE4BB7F01AB938E89FE230ED2AFDA26E265360B971716E661822CAC52CD0EA
Lync_x64.mspB3158DAA903A2B2422CBDED0E362998BF5E36F0F12B86A62BF609398686A103CE297A0592EB334A6CBB6A41EC193E629DF6D68A2
Lync_x86.msp8335902DB69204BB66EB408348607EB7EC3A09E4E4BB57996C78AA02AB519D3BB85C29AC82AD79655BA71E780E6413133B171B8B
lync2013-kb3085500-fullfile-x64-glb.exeB4EAF60A666306CF800CB63502BCCB86E03896C4CDBDEF88A99D24690EFAA7DE514E5CC8D6AACFF19A08E43D6615EF92C8C0052A
lync2013-kb3085500-fullfile-x86-glb.exe9FC79523CDEB6942C14B2707A90DCD1A14774FEBBCC2B7A59C282D20A846F13A44BF01F5EC30B94BFB52CA493F29E8DA3AEAD9E1
ogl2007-kb3085546-fullfile-x86-glb.exe44A7783A16E7CF7C144D3FCCDA18985B19EF040BB851075C8951AD6F90BC43A4EE7FC0B0B9C6087D74936EE78B3F4E93CF900F6B
ogl2010-kb3085529-fullfile-x64-glb.exeD7BC27F9F6D1F2A4C13D81EAA253F2A97A1ECBF2535DE61D75A1D967EF927CA614AF48F9AB1A740E2A5E5C00791261F9ACBFDE08
ogl2010-kb3085529-fullfile-x86-glb.exe6FC8B148094DB800D3A0C97ED791D0EC5CA9EE47433D4B8E98197589330ECDBF6810520C1C627CDAF585B5563BFE25AF3397A288
Windows6.0-KB3087039-ia64.msu8F36FF2772342D8D4E14A44C1B58BE921CDCBC8C8758E713D9D514E68BF2B752A76CFD29873BE78DF927005BB3F192D123FBB8F5
Windows6.0-KB3087039-x64.msu3E8C363D5443E350175570C05CA235911C5230D6AAB19ADAF4BD94AB730ED5E43F86F412E1EE61B06762E2E3245C0D11639E552F
Windows6.0-KB3087039-x86.msu713236A1DF235EB0A293BA9909A8842CA2F79C0B85F8E4F5182D68A230CFA41BEF2751482E281A28A3EE5B4D34DBCEC07122ACE3
Windows6.0-KB3087135-ia64.msu4ADBFF498853C8D6E6AE762E111E19B3F03AE29E7873293F9ACEAC438D6F728BC5330776793D6B6A033090FA278EEC03C1E71811
Windows6.0-KB3087135-x64.msuED5D03BA983A7DB39E0CAFDDE4E534D1374C0575AD76C99F4DFE28866D70F4347C126B5B105004DA105C9B54060F8BA3DA3759D1
Windows6.0-KB3087135-x86.msuA10F423A7322C3A95DFBE6AF35AC3295B265E15BB46B26251DF06203E8B82261664512B9C14498BD41037B7B611ADD0D19DF1119
Windows6.1-KB3087039-ia64.msu7DFB1638064AA5BE66C81094F3FDFCC5234581F959AB9DA2BDECC7BF52F46BE0B62EEA41B70AFFBCFA147EC21E3B2F6158BDB161
Windows6.1-KB3087039-x64.msu84E034E020F101D36398C0AD70813BDB8FE3A84C16965BF8F99EA956E0B0D70009342F9713ADF32AAB87B97A358670C07F14EC2D
Windows6.1-KB3087039-x86.msu6B7052D39CBB7AA4CE8EB4C14D833B08080ACC150C89018F35B8DCCFE3C0F6563F82F39FA282DE96D5C4B0A75B64162F13F3053E
Windows8.1-KB3087039-arm.msu219CA9917C0BA4FD2DC5A69ADD822E872E2F296C06625E8872A438B4E6A7A944CC1E529AD080030879A102545177EF9F26A85AB9
Windows8.1-KB3087039-x64.msu4508EE0F43205300494BAFC69A1ADC472D7370CE377CD16A8376411874B4F2E1B24A38E7771C53B2C0A71514D61E25F50C48BDE6
Windows8.1-KB3087039-x86.msu9CBAA6974A4E404C235F0A7F55B80D60A38CF78CE78C18974E7EA303B4825CA24A6CDBE7D2BC06004C946915217776369D85DD6D
Windows8-RT-KB3087039-arm.msuCC0E460E4511EAA68266D9EBD7546924F2D872C5A03A3782CF6BF49629B5CFDEDFA32D2A5EAA6EDB8812899A8169665BDAEF76CA
Windows8-RT-KB3087039-x64.msuAE850C9EB9BF6306DD7941A181557E2A4B4C9BBC9F1B486D8B0B5A24FBFAC157AEE5949017F44F75FD5BB5EA16611F34EFDB09CB
Windows8-RT-KB3087039-x86.msuA1496FA1E05826E65A7C13CC95656E5E06266AFA34AD992D8304E8CC363D87EEFE775D262051E6E0A588384B22D764AE73705553

How to obtain help and support for this security update
Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

↑ Back to the top


Keywords: kb, atdownload, kbbug, kbexpertiseinter, kbfix, kblangall, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew

↑ Back to the top

Article Info
Article ID : 3089656
Revision : 1
Created on : 1/7/2017
Published on : 9/30/2015
Exists online : False
Views : 637