11 Security Bulletins were released – 6 Critical, 5 Important, and 0 Moderate
This Month In Brief
11 Security Bulletins were released – 6 Critical, 5 Important
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
Critical patches MS16-084, MS16-085 and MS16-088 are your top priority this month. After your next patch cycle completes you should follow up and make sure these are installed. Lots of hype about MS16-087 as well as a warning – see below.
No out-of-band security updates were released during the last month.
MS16-087/KB3170455 There are two things you need to know about MS16-087. First, it’s not that bad. Second, there are some issues.
There have been a number of “the sky is falling” headlines about MS16-087 this week. It is novel as it is a remote code execution in the print spooler but it’s really no worse than most of the other critical threats out there. So make sure you apply MS16-087 as you would any other Security Bulletin rated Critical but don’t lose sleep over it.
With that said some have seen issues with GPO deployed printers using older drivers. See: http://marc.info/?l=patchmanagement&m=146853571904822&w=2
Heads Up! The delayed release of KB3159398 and KB3161561 is planned for Friday July 29. We will update the June 2016 Patch Recommendations post (https://clubmsp.com/msp/patch_updates/virtual-administrators-june-2016-patch-recommendations/) with more information prior to the release.
- Publically disclosed: None
- Being exploited: None
- Rated CRITICAL: MS16-084, MS16-085, MS16-086, MS16-087, MS16-088, MS16-093
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)
New Security Bulletins
|MS16-084 Cumulative Security Update for Internet Explorer (3169991)||(Internet Explorer) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
|MS16-085 Cumulative Security Update for Microsoft Edge (3169999)||(Microsoft Edge) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
|MS16-086 Cumulative Security Update for JScript and VBScript (3169996)||(Microsoft Windows) The vulnerability could allow remote code execution if a user visits a specially crafted website.
|MS16-087 Security Update for Windows Print Spooler Components (3170005)||(Microsoft Windows) The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or set up a rogue print server on a target network.
|MS16-088 Security Update for Microsoft Office (3170008)||(Microsoft Office/Services and Web Apps) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
|MS16-093 Security Update for Adobe Flash Player (3174060)||(Adobe Flash Player) This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows.
|MS16-089 Security Update for Windows Secure Kernel Mode (3170050)||(Microsoft Windows) The vulnerability could allow information disclosure when Windows Secure Kernel Mode improperly handles objects in memory.
|MS16-090 Security Update for Windows Kernel-Mode Drivers (3171481)||(Microsoft Windows) The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
|MS16-091 Security Update for .NET Framework (3170048)||(Microsoft .NET Framework) The vulnerability could cause information disclosure if an attacker uploads a specially crafted XML file to a web-based application.
|MS16-092 Security Update for Windows Kernel (3171910)||(Microsoft Windows) The most severe of the vulnerabilities could allow security feature bypass if the Windows kernel fails to determine how a low integrity application can use certain object manager features.
|MS16-094 Security Update for Secure Boot (3177404)||(Microsoft Windows) The vulnerability could allow Secure Boot security features to be bypassed if an attacker installs an affected policy on a target device.