Endpoint Protection


Microsoft Patch Tuesday – October 2016 

Oct 11, 2016 02:28 PM

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing 10 security bulletins, five of which are rated Critical.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the October 2016 releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms16-oct

The following is a breakdown of the issues being addressed this month:

  1. MS16-118 Cumulative Security Update for Internet Explorer (3192887) MS Rating: Critical

    Microsoft Browser Information Disclosure Vulnerability (CVE-2016-3267) MS Rating: Moderate

    An information disclosure vulnerability exists when the Microsoft Browser improperly handles objects in memory.

    Microsoft Browser Elevation of Privilege Vulnerability (CVE-2016-3387) MS Rating: Important

    A Privilege Escalation Vulnerability exists when Internet Explorer or Edge fails to properly secure private namespace.

    Microsoft Browser Elevation of Privilege Vulnerability (CVE-2016-3388) MS Rating: Important

    A Privilege Escalation Vulnerability exists when Internet Explorer or Edge fails to properly secure private namespace.

    Internet Explorer Memory Corruption Vulnerability (CVE-2016-3384) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2016-3390) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft Browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Information Disclosure Vulnerability (CVE-2016-3391) MS Rating: Moderate

    An information disclosure vulnerability exists in Microsoft Browsers that leaves credential data in memory. An attacker who successfully exploited this vulnerability could harvest credentials from a memory dump of the browser process.

    Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298) MS Rating: Moderate

    An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3331) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3382) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft Browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3383) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft Browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.


  2. MS16-119 Cumulative Security Update for Microsoft Edge (3192890) MS Rating: Critical

    Microsoft Browser Elevation of Privilege Vulnerability (CVE-2016-3387) MS Rating: Important

    A Privilege Escalation Vulnerability exists when Internet Explorer or Edge fails to properly secure private namespace.

    Microsoft Browser Elevation of Privilege Vulnerability (CVE-2016-3388) MS Rating: Important

    A Privilege Escalation Vulnerability exists when Internet Explorer or Edge fails to properly secure private namespace.

    Microsoft Browser Information Disclosure Vulnerability (CVE-2016-3267) MS Rating: Moderate

    An information disclosure vulnerability exists when the Microsoft Browser improperly handles objects in memory.

    Scripting Engine Memory Corruption Vulnerability (CVE-2016-3389) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Scripting Engine Memory Corruption Vulnerability (CVE-2016-3390) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft Browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Information Disclosure Vulnerability (CVE-2016-3391) MS Rating: Moderate

    An information disclosure vulnerability exists in Microsoft Browsers that leaves credential data in memory. An attacker who successfully exploited this vulnerability could harvest credentials from a memory dump of the browser process.

    Microsoft Browser Security Feature Bypass Vulnerability (CVE-2016-3392) MS Rating: Moderate

    A security bypass vulnerability exists when the Edge Content Security Policy fails to properly handle validation of certain specially crafted documents.

    Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3331) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3382) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft Browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft Browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Scripting Engine Remote Code Execution Vulnerability (CVE-2016-7189) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

    Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge.


  3. MS16-120 Security Update for Microsoft Graphics Component (3192884) MS Rating: Critical

    GDI+ Information Disclosure Vulnerability (CVE-2016-3209) MS Rating: Important

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system.

    Win32k Elevation of Privilege Vulnerability (CVE-2016-3270) MS Rating: Important

    A Privilege Escalation Vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory.

    GDI+ Remote Code Execution Vulnerability (CVE-2016-3396) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.

    True Type Font Parsing Elevation of Privilege Vulnerability (CVE-2016-7182) MS Rating: Critical

    A Privilege Escalation Vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

    GDI+ Information Disclosure Vulnerability (CVE-2016-3262) MS Rating: Important

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system.

    GDI+ Information Disclosure Vulnerability (CVE-2016-3263) MS Rating: Important

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system.

    GDI+ Remote Code Execution Vulnerability (CVE-2016-3393) MS Rating: Critical

    A remote code execution vulnerability exists due to the way the Windows GDI handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system.


  4. MS16-121 Security Update for Microsoft Office (3194063) MS Rating: Important

    Microsoft Office Memory Corruption Vulnerability (CVE-2016-7193) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files.


  5. MS16-122 Security Update for Microsoft Video Control (3195360) MS Rating: Critical

    Microsoft Video Control Remote Code Execution Vulnerability (CVE-2016-0142) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Video Control fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.


  6. MS16-123 Security Update for Windows Kernel-Mode Drivers (3192892) MS Rating: Important

    Win32k Elevation of Privilege Vulnerability (CVE-2016-3266) MS Rating: Important

    A Privilege Escalation Vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode.

    Win32k Elevation of Privilege Vulnerability (CVE-2016-3341) MS Rating: Important

    A Privilege Escalation Vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.

    Win32k Elevation of Privilege Vulnerability (CVE-2016-7211) MS Rating: Important

    A Privilege Escalation Vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode.

    Win32k Elevation of Privilege Vulnerability (CVE-2016-3376) MS Rating: Important

    A Privilege Escalation Vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode.

    Win32k Elevation of Privilege Vulnerability (CVE-2016-7185) MS Rating: Important

    A Privilege Escalation Vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode.


  7. MS16-124 Security Update for Windows Registry (3193227) MS Rating: Important

    Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2016-0070) MS Rating: Important

    A Privilege Escalation Vulnerability exists in Microsoft Windows when a Windows kernel API improperly allows a user to access sensitive registry information. To exploit the vulnerabilities, a locally authenticated attacker would need to run a specially crafted application.

    Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2016-0073) MS Rating: Important

    A Privilege Escalation Vulnerability exists in Microsoft Windows when a Windows kernel API improperly allows a user to access sensitive registry information. To exploit the vulnerabilities, a locally authenticated attacker would need to run a specially crafted application.

    Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2016-0075) MS Rating: Important

    A Privilege Escalation Vulnerability exists in Microsoft Windows when a Windows kernel API improperly allows a user to access sensitive registry information. To exploit the vulnerabilities, a locally authenticated attacker would need to run a specially crafted application.

    Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2016-0079) MS Rating: Important

    A Privilege Escalation Vulnerability exists in Microsoft Windows when a Windows kernel API improperly allows a user to access sensitive registry information. To exploit the vulnerabilities, a locally authenticated attacker would need to run a specially crafted application.


  8. MS16-125 Security Update for Diagnostics Hub (3193229) MS Rating: Important

    Windows Diagnostics Hub Elevation of Privilege (CVE-2016-7188) MS Rating: Important

    A Privilege Escalation Vulnerability exists in the Windows Diagnostics Hub Standard Collector Service when the service fails to properly sanitize input, which could lead to insecure library loading behavior.


  9. MS16-126 Security Update for Microsoft Internet Messaging API (3196067) MS Rating: Moderate

    Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298) MS Rating: Moderate

    An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.


  10. MS16-127 Security Update for Adobe Flash Player (3194343) MS Rating: Critical

    Security updates available for Flash Player MS Rating: Critical

    Multiple security vulnerabilities exist in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.

More information on the vulnerabilities being addressed this month is available at Symantec's free Security Response portal and to our customers through the DeepSight Threat Management System.
