Microsoft Security Bulletin Minor Revisions Issued: June 22, 2016

Security Bulletins / Advisories No Comments »
Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-063
* MS16-077
* MS16-JUN
* MS15-OCT


Bulletin Information:

MS16-063

– Title: Cumulative Security Update for Internet Explorer (3163649)
– »technet.microsoft.com/li ··· 063.aspx
– Reason for Revision: V1.1 (June 22, 2016): Bulletin revised to add
workarounds for CVE-2016-3213. This is an informational change only.
Customers who have successfully installed the updates do not need
to take any further action.
– Originally posted: June 14, 2016
– Updated: June 22, 2016
– Bulletin Severity Rating: Critical
– Version: 1.1

MS16-077

– Title: Security Update for WPAD (3165191)
– »technet.microsoft.com/li ··· 077.aspx
– Reason for Revision: V1.1 (June 22, 2016): Bulletin revised to add
an Update FAQ on behavior changes to be aware of after installing
this update. This is an informational change only.
– Originally posted: June 14, 2016
– Updated: June 22, 2016
– Bulletin Severity Rating: Important
– Version: 1.1

MS16-JUN

– Title: Microsoft Security Bulletin Summary for June 2016
– »technet.microsoft.com/li ··· JUN.aspx
– Reason for Revision: V2.1 (June 22, 2016): For MS16-075 and
MS16-076, added a Known Issue to the Executive Summaries table
for update 3161561. When you try to access a domain DFS namespace
(such as \\contoso.com\SYSVOL) on a computer that is configured to
require mutual authentication (by using the UNC Hardened Access
feature), you receive an “Access Denied” error message. Microsoft
is researching this problem and will post more information in this
article when it becomes available. For more information, see
Microsoft Knowledge Base Article 3161561.
– Originally posted: June 14, 2016
– Updated: June 22, 2016
– Bulletin Severity Rating: Not applicable
– Version: 2.1

MS15-OCT

– Title: Microsoft Security Bulletin Summary for October 2015
– »technet.microsoft.com/li ··· OCT.aspx
– Reason for Revision: V2.2 (June 22, 2016): For MS15-106,
added a Known Issue to the Executive Summaries table. After you
install the update, storage event is not triggered for localStorage
updates in an iFrame in Internet Explorer 11. For more information
and the solution to this known issue, see Microsoft Knowledge Base
Article 3168674. Previously for MS15-106, a Known Issue was added
that addresses an issue in which Internet Explorer 11 consumes
high memory and CPU cycles after you install cumulative update
3093983. For more information and the solution to this known issue,
see Microsoft Knowledge Base Article 3119070.
– Originally posted: October 13, 2015
– Updated: June 22, 2016
– Bulletin Severity Rating: Not applicable
– Version: 2.2

Adobe Security Advisory – June 14, 2016

Security Bulletins / Advisories No Comments »

Security Advisory for Adobe Flash Player

Release date: June 14, 2016

Vulnerability identifier: APSA16-03

CVE number: CVE-2016-4171

Platforms: Windows, Macintosh, Linux and Chrome OS

Summary

A critical vulnerability (CVE-2016-4171) exists in Adobe Flash Player 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe is aware of a report that an exploit for CVE-2016-4171 exists in the wild, and is being used in limited, targeted attacks. Adobe will address this vulnerability in our monthly security update, which will be available as early as June 16. For the latest information, users may monitor the Adobe Product Security Incident Response Team blog.

https://helpx.adobe.com/security/products/flash-player/apsa16-03.html

Microsoft Security Bulletin Summary for June 2016 Issued: June 16, 2016

Security Bulletins / Advisories No Comments »

This is a notification of an out-of-band security bulletin that was
added to the June Security Bulletin Summary on June 16, 2016.

The full version of the Microsoft Security Bulletin Summary for
June 2016 can be found at
<https://technet.microsoft.com/library/security/ms16-jun>.

Critical Security Bulletin (added to summary on June 16)

MS16-083

– Affected Software:
– Windows 8.1 for 32-bit Systems:
– Adobe Flash Player
– Windows 8.1 for x64-based Systems:
– Adobe Flash Player
– Windows Server 2012:
– Adobe Flash Player
(Windows Server 2012 Server Core installation not affected)
– Windows Server 2012 R2:
– Adobe Flash Player
(Windows Server 2012 R2 Server Core installation not affected)
– Windows RT 8.1:
– Adobe Flash Player
– Windows 10 for 32-bit Systems:
– Adobe Flash Player
– Windows 10 for x64-based Systems:
– Adobe Flash Player
– Windows 10 Version 1511 for 32-bit Systems:
– Adobe Flash Player
– Windows 10 Version 1511 for x64-based Systems:
– Adobe Flash Player
– Impact: Remote Code Execution
– Version Number: 1.0

Microsoft Security Bulletin Minor Revisions Issued: June 15, 2016

Security Bulletins / Advisories No Comments »
Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-074
* MS16-JUN

Bulletin Information:

MS16-074

– Title: Security Update for Microsoft Graphics Component (3164036)
– »technet.microsoft.com/li ··· 074.aspx
– Reason for Revision: V1.1 (June 15, 2016): Revised the Executive
Summary to correct the attack vector description. This is an
informational change only.
– Originally posted: June 14, 2016
– Updated: June 15, 2016
– Bulletin Severity Rating: Important
– Version: 1.1

MS16-JUN

– Title: Microsoft Security Bulletin Summary for June 2016
– »technet.microsoft.com/li ··· JUN.aspx
– Reason for Revision: V1.1 (June 15, 2016): For MS16-072, added a
Known Issue to the Executive Summaries table. The updates in MS16-072
change the security context with which user group policies are
retrieved. For more information about this by-design behavior
change, see Microsoft Knowledge Base Article 3163622. For
MS16-074, revised the Executive Summary to correct the attack
vector description. This is an informational change only.
– Originally posted: June 14, 2016
– Updated: June 15, 2016
– Bulletin Severity Rating: Not applicable
– Version: 1.1

Microsoft® Consumer Security MVP, 2004 – 2016
DP’s Security Bits

Microsoft Security Bulletin Releases Issued: June 14, 2016

Security Bulletins / Advisories No Comments »
Summary

The following bulletins have undergone a major revision increment.

* MS16-039 – Critical
* MS16-APR

Bulletin Information:

MS16-039

– Title: Security Update for Microsoft Graphics Component
(3148522)
– »technet.microsoft.com/li ··· 039.aspx
– Reason for Revision: V3.0 (June 14, 2016): Microsoft has
re-released security update 3144427 for affected editions of
Microsoft Lync 2010 and Microsoft Lync 2010 Attendee. The
re-release addresses issues customers might have experienced
downloading security update 3144427. Customers running Microsoft
Lync 2010 should install the update to be fully protected from
the vulnerability. See Microsoft Knowledge Base Article 3144427
for more information
– Originally posted: April 12, 2016
– Updated: June 14, 2016
– Bulletin Severity Rating: Critical
– Version: 3.0

MS16-APR

– Title: Microsoft Security Bulletin Summary for April 2016
– »technet.microsoft.com/li ··· apr.aspx
– Reason for Revision: For MS16-039, Bulletin Summary revised to
announce that Microsoft has re-released security update 3144427
for affected editions of Microsoft Lync 2010 and Microsoft Lync
2010 Attendee. The re-release addresses issues customers might
have experienced downloading update 3144427. Customers running
Microsoft Lync 2010 should install the update to be fully
protected from the vulnerability. See Microsoft Knowledge Base
Article 3144427 for more information.
– Originally posted: April 12, 2016
– Updated: June 14, 2016
– Bulletin Severity Rating: Not applicable
– Version: 2.0

Microsoft® Consumer Security MVP, 2004 – 2016
DP’s Security Bits

Microsoft Security Bulletin(s) for June 14, 2016

Security Bulletins / Advisories No Comments »

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/techne ··· security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/li ··· ms16-jun

Critical (5)

Microsoft Security Bulletin MS16-063
Cumulative Security Update for Internet Explorer (3163649)
»technet.microsoft.com/li ··· ms16-063

Microsoft Security Bulletin MS16-068
Cumulative Security Update for Microsoft Edge (3163656)
»technet.microsoft.com/li ··· ms16-068

Microsoft Security Bulletin MS16-069
Cumulative Security Update for JScript and VBScript (3163640)
»technet.microsoft.com/li ··· ms16-069

Microsoft Security Bulletin MS16-070
Security Update for Microsoft Office (3163610)
»technet.microsoft.com/li ··· ms16-070

Microsoft Security Bulletin MS16-071
Security Update for Microsoft Windows DNS Server (3164065)
»technet.microsoft.com/li ··· ms16-071

Important (11)

Microsoft Security Bulletin MS16-072
Security Update for Group Policy (3163622)
»technet.microsoft.com/li ··· ms16-072

Microsoft Security Bulletin MS16-073
Security Update for Windows Kernel-Mode Drivers (3164028)
»technet.microsoft.com/li ··· ms16-073

Microsoft Security Bulletin MS16-074
Security Update for Microsoft Graphics Component (3164036)
»technet.microsoft.com/li ··· ms16-074

Microsoft Security Bulletin MS16-075
Security Update for Windows SMB Server (3164038)
»technet.microsoft.com/li ··· ms16-075

Microsoft Security Bulletin MS16-076
Security Update for Netlogon (3167691)
»technet.microsoft.com/li ··· ms16-076

Microsoft Security Bulletin MS16-077
Security Update for WPAD (3165191)
»technet.microsoft.com/li ··· ms16-077

Microsoft Security Bulletin MS16-078
Security Update for Windows Diagnostic Hub (3165479)
»technet.microsoft.com/li ··· ms16-078

Microsoft Security Bulletin MS16-079
Security Update for Microsoft Exchange Server (3160339)
»technet.microsoft.com/li ··· ms16-079

Microsoft Security Bulletin MS16-080
Security Update for Microsoft Windows PDF (3164302)
»technet.microsoft.com/li ··· ms16-080

Microsoft Security Bulletin MS16-081
Security Update for Active Directory (3160352)
»technet.microsoft.com/li ··· ms16-081

Microsoft Security Bulletin MS16-082
Security Update for Microsoft Windows Search Component (3165270)
»technet.microsoft.com/li ··· ms16-082

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact: For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

Microsoft Security Bulletin Minor Revisions Issued: May 25, 2016

Security Bulletins / Advisories No Comments »
Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS15-JUL
* MS16-MAY
* MS15-126 – Critical
* MS15-134 – Important
* MS16-003 – Critical
* MS16-054 – Critical

Bulletin Information:

MS15-JUL

– Title: Microsoft Security Bulletin Summary for July 2015
– »technet.microsoft.com/li ··· jul.aspx
– Reason for Revision: V3.1 (May 25, 2016): For MS15-076, added a
Known Issues reference to the Executive Summaries table. For more
information, see Microsoft Knowledge Base Article 3067505. For
information about the solution for this Known Issue, see Microsoft
Knowledge Base Article 3155218.
– Originally posted: July 14, 2015
– Updated: May 25, 2016
– Bulletin Severity Rating: Not applicable
– Version: 3.1

MS16-MAY

– Title: Microsoft Security Bulletin Summary for May 2016
– »technet.microsoft.com/li ··· may.aspx
– Reason for Revision: V2.1 (May 25, 2016): For MS16-065, added a
Known Issue to the Executive Summaries table. After you install
any of the security updates that are included in MS16-065 on a
Front End or Standard Edition server for Lync Server 2010, Lync
Server 2013, or Skype for Business Server 2015, several
conferencing modalities no longer function for internal users.
For information about the solution for this Known Issue, see
Microsoft Knowledge Base Article 3165438.
– Originally posted: May 10, 2016
– Updated: May 25, 2016
– Bulletin Severity Rating: Not applicable
– Version: 2.1

MS15-126

– Title: Cumulative Security Update for JScript and VBScript to
Address Remote Code Execution (3116178)
– »technet.microsoft.com/li ··· 126.aspx
– Reason for Revision: V1.1 (May 25, 2016): Removed redundant
rows from the Vulnerability Severity Rating and Maximum Security
Impact by Affected Software table, and added the applicable
update numbers for clarity. This is an informational change only.
– Originally posted: December 8, 2015
– Updated: May 25, 2016
– Bulletin Severity Rating: Critical
– Version: 1.1

MS15-134

– Title: Security Update for Windows Media Center to Address
Remote Code Execution (3108669)
– »technet.microsoft.com/li ··· 134.aspx
– Reason for Revision: V1.1 (May 25, 2016): Removed the mitigating
factors for CVE-2015-6131 and CVE-2015-6127. These are
informational changes only.
– Originally posted: December 8, 2015
– Updated: May 25, 2016
– Bulletin Severity Rating: Important
– Version: 1.1

MS16-003

– Title: Cumulative Security Update for JScript and VBScript
to Address Remote Code Execution (3125540)
– »technet.microsoft.com/li ··· 003.aspx
– Reason for Revision: V1.1 (May 25, 2016): Removed redundant
rows from the Vulnerability Severity Rating and Maximum Security
Impact by Affected Software table, and added the applicable
update numbers for clarity. This is an informational change only.
– Originally posted: January 12, 2016
– Updated: May 25, 2016
– Bulletin Severity Rating: Critical
– Version: 1.1

MS16-054

– Title: Security Update for Microsoft Office (3155544)
– »technet.microsoft.com/li ··· 054.aspx
– Reason for Revision: V1.1 (May 25, 2016): Corrected the updates
replaced for Microsoft Office 2013 to 3114486 in MS16-004, and
for CVE-2016-0183, clarified that the Preview Pane is an attack
vector for this vulnerability. These are informational changes
only.
– Originally posted: May 10, 2016
– Updated: May 25, 2016
– Bulletin Severity Rating: Critical
– Version: 1.1

Microsoft® Consumer Security MVP, 2004 – 2016
DP’s Security Bits

Microsoft Security Bulletin Minor Revisions Issued: May 18, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-035 – Important

Bulletin Information:

MS16-035

– Title: Security Update for .NET Framework to Address Security
Feature Bypass (3141780)
https://technet.microsoft.com/library/security/ms16-035.aspx
– Reason for Revision: V2.1 (May 18, 2016): Revised bulletin to
clarify the distribution audience for the Microsoft .NET Framework
4.5.2 and Microsoft .NET Framework 4.6/4.6.1 security updates
that were re-released on May 10, 2016, as follows: The security
updates for Microsoft .NET Framework 4.5.2 have been re-released
to Limited Distribution Release (LDR) customers only. The security
updates for Microsoft .NET Framework 4.6/4.6.1 have been
re-released to all customers.
– Originally posted: March 8, 2016
– Updated: May 18, 2016
– Bulletin Severity Rating: Important
– Version: 2.1

Microsoft Security Advisory Notification Issued: May 18, 2016

Security Bulletins / Advisories No Comments »

Security Advisories Updated or Released Today

* Microsoft Security Advisory 2880823
– Title: Deprecation of SHA-1 Hashing Algorithm for Microsoft Root
Certificate Program
https://technet.microsoft.com/library/security/2880823.aspx
– Reason for Revision: V2.0 (May 18, 2016): Advisory updated to
provide links to the current information regarding the use of the
SHA1 hashing algorithm for the purposes of SSL and code signing.
For more information, see Windows Enforcement of Authenticode Code
Signing and Timestamping.
– Originally posted: November 12, 2013
– Updated: May 18, 2016
– Bulletin Severity Rating: None
– Version: 2.0

Microsoft Security Bulletin Minor Revisions Issued: May 13, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-MAY
* MS16-067 – Important

Bulletin Information:

MS16-MAY

– Title: Microsoft Security Bulletin Summary for May 2016
https://technet.microsoft.com/library/security/ms16-may.aspx
– Reason for Revision: V1.2 (May 13, 2016): For MS16-067,
Bulletin Summary revised to change the vulnerability severity
rating for Windows 8.1 and Windows RT 8.1 to Not applicable,
because these operating systems are not affected by the
vulnerability described in this bulletin. Customers who have
applied security update 3155784 do not need to take any further
action. This is an informational change only.
– Originally posted: May 10, 2016
– Updated: May 13, 2016
– Bulletin Severity Rating: Not applicable
– Version: 1.2

MS16-067

– Title: Security Update for Volume Manager Driver (3155784)
https://technet.microsoft.com/library/security/ms16-067.aspx
– Reason for Revision: V1.1 (May 13, 2016): Bulletin revised
to change the vulnerability severity rating for Windows 8.1
and Windows RT 8.1 to Not applicable, because these operating
systems are not affected by the vulnerability described in this
bulletin. Customers who have applied security update 3155784
do not need to take any further action. This is an informational
change only.
– Originally posted: May 10, 2016
– Updated: May 13, 2016
– Bulletin Severity Rating: Important
– Version: 1.1


© 2016 DP's Security Bits.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs

Featuring WPMU Bloglist Widget by YD WordPress Developer

Entries RSS Comments RSS Log in