Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service gain privileges, execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities

1. Improper input validation can be exploited locally via a specially designed input;
2. Improper thread handling can be exploited locally via unknown vectors;
3. Improper 2D figures handling can be exploited remotely via a specially designed files;
4. Improper JPEG files parsing can be exploited remotely via a specially designed file or memory manipulations;
5. An unknown vulnerability can be exploited remotely via a specially designed web content;
6. An unknown vulnerability can be exploited remotely via vectors related to IPv6;
7. Improper handling objects in memory can be exploited remotely via an unknown vectors;
8. Improper file associations handling can be exploited remotely via vectors related to Windows Shell;
9. Improper user state validation can be exploited remotely via vectors related to SAMR;
10. Improper iSCSI packets handling can be exploited remotely via an unknown vectors;
11. An unknown vulnerability can be exploited remotely via vectors related to RDP, On-Screen keyboard, DirectShow, Internet Explorer, Microsoft IME for Japanese and Task Sheduler;
12. Improper .bat or .cmd files processing can be exploited locally via DLL hijack;
13. Improper passwords handling can be exploited remotely via share access;
14. Improper TCP implementation can be exploited remotely via a specially designed TCP header;
15. Use-After-free can be exploited remotely via a specially designed Office document;
16. Improper font files restrictions can be exploited locally via a specially designed file;
17. Improper signatures validation can be exploited remotely via vectors related to Kerberos KDC;
18. Memory leak can be exploited remotely via a specially designed client;
19. Double free vulnerability can be exploited locally via a specially designed application;
20. An unknown vulnerability can be exploited via specially designed application;
21. Improper addresses validation can be exploited locally via specially designed IOCTL call;
22. Improper XML handling can be exploited remotely via a specially designed XML content;
23. Improper permissions validation can be exploited remotely via vectors related to Microsoft audio component;
24. Improper handling failed login attempts can be exploited via vectors related to RDP;
25. Improper memory allocation can be exploited remotely via a specially designed USB device;
26. An unknown vulnerability can be exploited remotely via a specially designed OLE object;
27. Improper packets handling can be exploited remotely via a vectors related to Secure Channel;
28. An unknown vulnerability can be exploited remotely via a specially designed Journal.

Windows XP Service pack 3
Windows XP Professional x64 Service Pack 3
Windows Server 2003 x86, x64, Itanium Service Pack 2
Windows Vista x86, x64 Service Pack 2
Windows Server 2008 x86, x64, Itanium Service Pack 2
Windows 7 x86, x64 Service Pack 1
Windows Server 2008 R2 x64, Itanium Service Pacl 1
Windows 8 x86, x64
Windows 8.1 x86, x64
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

2966631
2957482
2966061
2939576
2922229
2973201
2975689
2957189
3013126
2969259
2929961
3010788
2984615
2914368
3003743
3002885
2904659
2961858
3005607
2962490
2592687
2966034
2993958
2988948
2961072
2926765
2973932
2962123
2998579
2989935
2973906
2961899
2933826
2962478
2975685
2975684
2916036
2975681
2978742
2933528
2934418
2993254
2978668
2974286
2928120
2991963
2992611
3000869
3011443
2923392
2962488
2918614
2962485
2889913
2912390
2962486
2930275
2919355
2965788
2972280
2962073
2971850
2992719
2993651
3000061
2913602
2976897
2973408
3006226
3011780