Virtual Administrator’s August 2016 Patch Recommendations

8 Security Bulletins were released – 4 Critical, 4 Important, and 0 Moderate

This Month In Brief

9 Security Bulletins were released – 5 Critical, 4 Important

Windows 10 Anniversary Update was released August 2 – see below

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS16-095, MS16-096, MS16-097, MS16-099 and MS16-102 are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed.

No out-of-band security updates were released during the last month.

Windows 10 Anniversary Update version 1607 upgrade

KAV (Kaspersky) is incompatible with Windows 10 Version 1607
Important Notice About KAV & Windows 10 Anniversary Update Patch
http://community.kaseya.com/xsp/f/142/t/22290.aspx

“This week Microsoft released Windows 10 Anniversary Patch. Our testing shows there is incompatibility with Kaspersky Antivirus, the underlying engine in Kaseya Antivirus (KAV). More specifically, KAV will not install on Windows 10 Anniversary Edition and will be uninstalled if an endpoint is upgraded to Windows 10 Anniversary Edition.

Kaseya has reached out to Kaspersky and can confirm they are working on an update to their software. Kaseya will test and issue as patches for VSA R9.2 and VSA 9.3. We expect to release these patches before the end of August based on Kaspersky’s delivery date to us.”

Blocking Windows 10 Version 1607 – Deny KB3012973
Microsoft will gradually push out Version 1607 and it will arrive for WSUS on August 16. Right now Kaseya shows 2 new KBs for 1607 – KB3176929 and KB3176495. These are cumulative updates to Windows 10 Version 1607 – not the upgrader.
Deny KB3012973 – It looks the 1607 installer is the same KB used to upgrade Windows 7 and 8.1 over the past year. A new flavor of KB3012973 showed up on August 2 as “Feature update to Windows 10, version 1607”. This appears to be the 1607 upgrade. It remains denied in all of our patch polices as a KB Override. With that said Microsoft has a history of making the Windows 10 upgrades a “moving target” and we will continue to monitor for other KBs and update this blog accordingly.
We have approved KB3176929 and KB3176495 as they are updates to an existing 1607 install.

Heads Up!
Microsoft Cuts Windows 10 Rollback Period To 10 Days
https://www.petri.com/microsoft-cuts-windows-10-rollback-period-10-days

Windows 7 Update Slowness
Woody Leonhard has written a great article with the latest on this ongoing problem.
2 easy steps to speed up Windows 7 Update scans
http://www.infoworld.com/article/3105605/microsoft-windows/2-easy-steps-to-speed-up-windows-7-update-scans.html

Windows 10 cumulative updates are KB3176492, KB3176493 and KB3176495
Cumulative Update for Windows 10
https://support.microsoft.com/en-us/kb/3176492
Cumulative Update for Windows 10 Version 1511
https://support.microsoft.com/en-us/kb/3176493
Cumulative Update for Windows 10 Version 1607
https://support.microsoft.com/en-us/kb/3176495

Exploitability

Requires Restart

  • Servers:True
  • Workstations:True

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS16-095 Cumulative Security Update for Internet Explorer (3177356) (Internet Explorer) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
Affected Software: Internet Explorer 9-11
Known Issues per MS:
MS16-096 Cumulative Security Update for Microsoft Edge (3177358) (Microsoft Edge) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
Details
Affected Software: Edge
Known Issues per MS:
MS16-097 Security Update for Microsoft Graphics Component (3177393) (Microsoft Office/Communictions Platforms) The vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document.
Details
Affected Software: Vista, Windows 7/8.1/10, Office 2007/2010, Server 2008/2008R2/2012/2012R2, Lync 2010/2013, Live Meeting 2007, Skype for Business 2016
Known Issues per MS:
MS16-099 Security Update for Microsoft Office (3177451) (Microsoft Office) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
Details
Affected Software: Office 2007/2010/2013/2016, Office 2011/2016 for MAC
Known Issues per MS:

IMPORTANT

MS16-101 Security Update for Windows Authentication Methods (3178465) (Microsoft Windows) The more severe of the vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2, Windows RT 8.1
Known Issues per MS: https://support.microsoft.com/en-us/kb/3178465
MS16-098 Security Update for Windows Kernel-Mode Drivers (3178466) (Microsoft Windows) The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2
Known Issues per MS:
MS16-100 Security Update for Secure Boot (3179577) (Microsoft Windows) The vulnerability could allow security feature bypass if an attacker installs an affected boot manager and bypasses Windows security features.
Details
Affected Software: Windows 8.1/10, Server 2012/2012R2, Windows RT 8.1
Known Issues per MS: https://support.microsoft.com/en-us/kb/3179577
MS16-103 Security Update for ActiveSyncProvider (3182332) (Microsoft Windows) The vulnerability could allow information disclosure when Universal Outlook fails to establish a secure connection.
Details
Affected Software: Windows 10
Known Issues per MS:

MODERATE