Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing 16 bulletins, eight of which are rated Critical.
-
MS16-051 Cumulative Security Update for Internet Explorer (3155533) MS Rating: Critical
Internet Explorer Security Feature Bypass (CVE-2016-0188) MS Rating: Important
A security bypass vulnerability for Internet Explorer exists in the User Mode Code Integrity (UMCI) component of Device Guard when it improperly validates code integrity.
Scripting Engine Memory Corruption Vulnerability (CVE-2016-0187) MS Rating: Critical
A remote code execution vulnerability exist in the way that the JScript and VBScript engines render when handling objects in memory in Internet Explorer
Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189) MS Rating: Critical
A remote code execution vulnerability exist in the way that the JScript and VBScript engines render when handling objects in memory in Internet Explorer
Microsoft Browser Memory Corruption Vulnerability (CVE-2016-0192) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Information Disclosure Vulnerability (CVE-2016-0194) MS Rating: Important
An information disclosure vulnerability exists when Internet Explorer does not properly handle files, which could allow an attacker to disclose the contents of arbitrary files on the user's computer.
-
MS16-052 Cumulative Security Update for Microsoft Edge (3155538) MS Rating: Critical
Scripting Engine Memory Corruption Vulnerability (CVE-2016-0186) MS Rating: Critical
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge.
Microsoft Browser Memory Corruption Vulnerability (CVE-2016-0191) MS Rating: Critical
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge
Microsoft Browser Memory Corruption Vulnerability (CVE-2016-0192) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2016-0193) MS Rating: Critical
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge
-
MS16-053 Security Update for JScript and VBScript (3156764) MS Rating: Critical
Scripting Engine Memory Corruption Vulnerability (CVE-2016-0187) MS Rating: Critical
A remote code execution vulnerability exist in the way that the JScript and VBScript engines render when handling objects in memory in Internet Explorer
Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189) MS Rating: Critical
A remote code execution vulnerability exist in the way that the JScript and VBScript engines render when handling objects in memory in Internet Explorer
-
MS16-054 Security Update for Microsoft Office (3148775) MS Rating: Critical
Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-0140) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Microsoft Office Graphics RCE Vulnerability (CVE-2016-0183) MS Rating: Critical
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-0198) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
-
MS16-055 Security Update for Microsoft Graphics Component (3156754) MS Rating: Critical
Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0168) MS Rating: Important
An Information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerabilities could obtain information to further compromise the user’s system.
Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0169) MS Rating: Important
An Information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerabilities could obtain information to further compromise the user’s system.
Windows Graphics Component RCE Vulnerability (CVE-2016-0170) MS Rating: Critical
A remote code execution vulnerability exists when the Windows GDI component fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system.
Direct3D Use After Free Vulnerability (CVE-2016-0184) MS Rating: Critical
A remote code execution vulnerability exists when the Windows GDI component fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system.
Direct3D Use After Free Vulnerability (CVE-2016-0195) MS Rating: Critical
A remote code execution vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
-
MS16-056 Security Update for Windows Journal (3156761) MS Rating: Critical
Windows Journal Memory Corruption Vulnerability (CVE-2016-0182) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user.
-
MS16-057 Security Update for Windows Shell (3156987) MS Rating: Critical
Windows Shell Remote Code Execution Vulnerability (CVE-2016-0179) MS Rating: Critical
A remote code execution vulnerability exists when Windows Shell improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of the affected system.
-
MS16-058 Security Update for Windows IIS (3141083) MS Rating: Important
Windows DLL Loading Remote Code Execution Vulnerability (CVE-2016-0152) MS Rating: Important
A remote code execution vulnerability exists when Microsoft Windows fails to properly validate input before loading certain libraries. An attacker who successfully exploited this vulnerability could take control of an affected system.
-
MS16-059 Security Update for Windows Media Center (3150220) MS Rating: Important
Windows Media Center Remote Code Execution Vulnerability (CVE-2016-0185) MS Rating: Important
A vulnerability exists in Windows Media Center that could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could take control of an affected system.
-
MS16-060 Security Update for Windows Kernel (3154846) MS Rating: Important
Windows Kernel Elevation of Privilege Vulnerability (CVE-2016-0180) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions.
-
MS16-061 Security Update for Microsoft RPC (3155520) MS Rating: Important
RPC Network Data Representation Engine Elevation of Privilege Vulnerability (CVE-2016-0178) MS Rating: Important
An elevation of privilege vulnerability exists in the way that Microsoft Windows handles specially crafted Remote Procedure Call (RPC) requests. A privilege elevation can occur when the RPC Network Data Representation (NDR) Engine improperly frees memory.
-
MS16-062 Security Update for Windows Kernel-Mode Drivers (3158222) MS Rating: Important
Win32k Elevation of Privilege Vulnerability (CVE-2016-0171) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode.
Win32k Elevation of Privilege Vulnerability (CVE-2016-0173) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode.
Win32k Elevation of Privilege Vulnerability (CVE-2016-0174) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode.
Win32k Information Disclosure Vulnerability (CVE-2016-0175) MS Rating: Important
A security feature bypass vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object.
Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability (CVE-2016-0176) MS Rating: Important
An elevation of privilege vulnerability exists when the DirectX Graphics kernel subsystem (dxgkrnl.sys) improperly handles objects in memory.
Win32k Elevation of Privilege Vulnerability (CVE-2016-0196) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode.
Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability (CVE-2016-0197) MS Rating: Important
An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory.
-
MS16-064 Security Update for Adobe Flash Player (3157993) MS Rating: Critical
Security updates available for Flash Player MS Rating: Critical
Multiple security vulnerabilities exist in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
-
MS16-065 Security Update for .NET Framework (3156757) MS Rating: Important
Windows OLE Remote Code Execution Vulnerability (CVE-2016-0149) MS Rating: Important
An information disclosure vulnerability exists in the TLS/SSL protocol, implemented in the encryption component of Microsoft .NET Framework. An attacker who successfully exploited this vulnerability could decrypt encrypted SSL/TLS traffic.
-
MS16-066 Security Update for Virtual Secure Mode (3155451) MS Rating: Important
Hypervisor Code Integrity Security Feature Bypass (CVE-2016-0181) MS Rating: Important
A security feature bypass vulnerability exists when Windows incorrectly allows certain kernel-mode pages to be marked as Read, Write, Execute (RWX) even with Hypervisor Code Integrity (HVCI) enabled.
-
MS16-067 Security Update for SAM and LSAD Remote Protocols (3148527) MS Rating: Important
Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability (CVE-2016-0190) MS Rating: Important
An information disclosure vulnerability exists in Microsoft Windows when a USB disk mounted over Remote Desktop Protocol (RDP) through Microsoft RemoteFX is not correctly tied to the session of the mounting user.
More information on the vulnerabilities being addressed this month is available at Symantec's free Security Response portal and to our customers through the DeepSight Threat Management System.