December 2015 Microsoft Patch

Special Note: MS15-127 looks particularly "nasty". A remote code execution vulnerability in Microsoft's DNS server. Microsoft rates the exploitability as "2", but doesn't provide much details as to the nature of the vulnerability other than the fact that it can be triggered by remote DNS requests, which is bad news in particular if you are using a Microsoft DNS server exposed to the public internet. In this case, I would certainly expedite this patch. This is the vulnerability to look out for this time around.

Overview of the December 2015 Microsoft patches and their status.

#	Affected	Contra Indications - KB	Known Exploits	Microsoft rating(**)	ISC rating(*)
					clients	servers
MS15-124	Cumulative Security Update for Internet Explorer (Replaces MS15-124 )
	Internet Explorer CVE-2015-6083, CVE-2015-6134, CVE-2015-6135, CVE-2015-6136, CVE-2015-6138, CVE-2015-6139, CVE-2015-6140, CVE-2015-6141, CVE-2015-6142, CVE-2015-6143, CVE-2015-6144, CVE-2015-6145, CVE-2015-6146, CVE-2015-6147, CVE-2015-6148, CVE-2015-6149, CVE-2015-6150, CVE-2015-6151, CVE-2015-6152, CVE-2015-6153, CVE-2015-6154, CVE-2015-6155, CVE-2015-6156, CVE-2015-6157, CVE-2015-6158, CVE-2015-6159, CVE-2015-6160, CVE-2015-6161, CVE-2015-6162, CVE-2015-6162	KB 3116180	no.	Severity:Critical Exploitability: 1-4	Critical	Critical
MS15-125	Cumulative Security Update for Microsoft Edge (Replaces MS15-112 )
	Microsoft Edge CVE-2015-6139 CVE-2015-6140, CVE-2015-6142, CVE-2015-6148,CVE-2015-6151, CVE-2015-6153, CVE-2015-6154,CVE-2015-6155, CVE-2015-6158, CVE-2015-6159,CVE-2015-6161, CVE-2015-6168, CVE-2015-6169,CVE-2015-6170, CVE-2015-6176	KB 3116184	no.	Severity:Critical Exploitability: 1-4	Critical	Critical
MS15-126	Cumulative Security Update for JScript and VBScript (Replaces MS15-066 )
	JScript/VBScript (IE8,Vista and 2008 only) CVE-2015-6135 CVE-2015-6136	KB 3116178	no.	Severity:Critical Exploitability: 2,1	Critical	Critical
MS15-127	Remote Code Execution in Microsoft Windows DNS (Replaces MS12-017 )
	Microsoft DNS Server CVE-2015-6125	KB 3100465	no.	Severity:Critical Exploitability: 2	N/A	Critical
MS15-128	Remote Code Execution Vulnerability in Microsoft Graphics Component (Replaces MS15-115 )
	various components (.Net, Lync, Silverlight, Skype..) CVE-2015-6106 CVE-2015-6107 CVE-2015-6108	KB 3104503	no.	Severity:Critical Exploitability: 1,1,1	Critical	Critical
MS15-129	Remote Code Execution in Microsoft Silverlight (Replaces MS15-080 )
	Silverlight CVE-2015-6114 CVE-2015-6165 CVE-2015-6166	KB 3106614	no.	Severity:Critical Exploitability: 2,2,1	Critical	Important
MS15-130	Remote Code Execution in Microsoft Uniscribe (Replaces MS14-036 )
	Uniscribe CVE-2015-6130	KB 3108670	no.	Severity:Critical Exploitability: 3	Critical	Important
MS15-131	Remote Code Execution Vulnerability in Microsoft Office (Replaces MS15-116 )
	Office CVE-2015-6040 CVE-2015-6118 CVE-2015-6122 CVE-2015-6124 CVE-2015-6172 CVE-2015-6177	KB 3116111	no.	Severity:Critical Exploitability: 1,1,1,1,1,1	Critical	Important
MS15-132	Remote Code Execution in Microsoft Windows (Replaces MS15-122 MS15-115 )
	Windows CVE-2015-6128 CVE-2015-6132 CVE-2015-6133	KB 3116162	no.	Severity:Important Exploitability: 2,2,2	Critical	Important
MS15-133	Privilege Escalation Vulnerability in Windows PGM
	Microsoft Message Queuing (MSMQ) CVE-2015-6126	KB 3116130	no.	Severity:Important Exploitability: 2	Important	Important
MS15-134	Remote Code Execution in Windows Media Center (Replaces MS15-100 )
	Windows Media Center CVE-2015-6127 CVE-2015-6131	KB 3108669	no.	Severity:Important Exploitability: 2,2	Critical	Important
MS15-135	Privilege Elevation Vulnerability in Windows Kernel-Mode Drivers (Replaces MS15-122 MS15-115 )
	Kernel-Mode Drivers (Library Loading) CVE-2015-6171 CVE-2015-6173 CVE-2015-6174 CVE-2015-6175	KB 3119075	yes (CVE-2015-6175).	Severity:Important Exploitability: 1,1,1,4	Important	Important