Microsoft Security Bulletin Releases Issued: February 9, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins have undergone a major revision increment.

* MS15-118 – Important
* MS15-NOV

Bulletin Information:

MS15-118 – Important

– Title: Security Update for .NET Framework to Address Elevation
of Privilege (3104507)
https://technet.microsoft.com/library/security/ms15-118
– Reason for Revision: V2.0 (February 9, 2016): Revised bulletin
to announce the re-release of update 3098785 to address known
issues, discussed in Microsoft Knowledge Base Article 3318750,
that customers who are running Windows 8.1, Windows RT, or Windows
Server 2012 R2 may have experienced after installing .NET
Framework 4.6 on a machine that already has a fully-updated version
of .NET Framework 4.5.x. Microsoft recommends that customers scan
for new updates to download, and install the re-released update
3098785. For more information see Microsoft Knowledge Base Article
3318750.
– Originally posted: November 10, 2015
– Updated: February 9, 2015
– Bulletin Severity Rating: Important
– Version: 2.0

MS15-NOV

– Title: Microsoft Security Bulletin Summary for November 2015
https://technet.microsoft.com/library/security/ms15-nov
– Reason for Revision: V3.0 (February 9, 2016): For MS15-118,
Bulletin Summary revised to announce that update 3098785 has been
re-released to address known issues, discussed in Microsoft
Knowledge Base Article 3318750, that customers who are running
Windows 8.1, Windows RT, or Windows Server 2012 R2 may have
experienced after installing .NET Framework 4.6 on a machine that
already has a fully-updated version of .NET Framework 4.5.x.
Microsoft recommends that customers scan for new updates to
download, and install the re-released update 3098785. For more
information see Microsoft Knowledge Base Article 3318750.
– Originally posted: November 10, 2015
– Updated: February 9, 2015
– Bulletin Severity Rating: Not applicable
– Version: 3.0

Microsoft Security Advisory Notification Issued: February 9, 2016

Security Bulletins / Advisories No Comments »

Security Advisories Updated or Released Today

* Microsoft Security Advisory 3137909
– Title: Vulnerabilities in ASP.NET Templates Could Allow
Tampering
– Originally published: February 9, 2016
https://technet.microsoft.com/library/security/3137909
– Reason for Revision: V1.0 (February 9, 2016): Advisory
published.

* Microsoft Security Advisory (2871997)
– Title: Update to Improve Credentials Protection and Management
– Originally published: May 13, 2014
https://technet.microsoft.com/library/security/2871997
– Reason for Revision: V5.0 (February 9, 2016): Rereleased
advisory to announce the release of update 3126593 to enable the
Restricted Admin mode for Credential Security Support Provider
(CredSSP) by default. See Updates Related to this Advisory for
details.

Microsoft Security Bulletin Minor Revisions Issued: February 9, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS15-101 – Important
* MS15-128 – Critical

Bulletin Information:

MS15-101

– Title: Vulnerabilities in .NET Framework Could Allow Elevation of
Privilege (3089662)
https://technet.microsoft.com/library/security/ms15-101.aspx
– Reason for Revision: V1.2 (February 9, 2016): Revised bulletin to
announce a detection change for the 3074554 update for .NET
Framework 4.6. This is an informational change only. Customers
who have already successfully updated their systems do not need to
take any action.
– Originally posted: September 8, 2015
– Updated: February 9, 2016
– Bulletin Severity Rating: Important
– Version: 1.2

MS15-128

– Title: Security Update for Microsoft Graphics Component to Address
Remote Code Execution (3104503)
https://technet.microsoft.com/library/security/ms15-128.aspx
– Reason for Revision: V1.1 (February 9, 2016): Revised bulletin
to correct the updates replaced for .NET Framework 3.5.1 installed
on supported editions of Windows 7 and Windows Server 2008 R2.
This is an informational change only. There were no changes to the
update files. Customers who have already successfully updated their
systems do not need to take any action.
– Originally posted: December 8, 2015
– Updated: February 9, 2016
– Bulletin Severity Rating: Critical
– Version: 1.1

Microsoft Security Bulletin(s) for February 9, 2016

Security Bulletins / Advisories No Comments »

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/techne ··· security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/li ··· ms16-feb

Critical (6)

Microsoft Security Bulletin MS16-009
Cumulative Security Update for Internet Explorer (3134220)
»technet.microsoft.com/li ··· ms16-009

Microsoft Security Bulletin MS16-011
Cumulative Security Update for Microsoft Edge (3134225)
»technet.microsoft.com/li ··· ms16-011

Microsoft Security Bulletin MS16-012
Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3138938)
»technet.microsoft.com/li ··· ms16-012

Microsoft Security Bulletin MS16-013
Security Update for Windows Journal to Address Remote Code Execution (3134811)
»technet.microsoft.com/li ··· ms16-013

Microsoft Security Bulletin MS16-015
Security Update for Microsoft Office to Address Remote Code Execution (3134226)
»technet.microsoft.com/li ··· ms16-015

Microsoft Security Bulletin MS16-022
Security Update for Adobe Flash Player (3135782)
»technet.microsoft.com/li ··· ms16-022

Important (7)

Microsoft Security Bulletin MS16-014
Security Update for Microsoft Windows to Address Remote Code Execution (3134228)
»technet.microsoft.com/li ··· ms16-014

Microsoft Security Bulletin MS16-016
Security Update for WebDAV to Address Elevation of Privilege (3136041)
»technet.microsoft.com/li ··· ms16-016

Microsoft Security Bulletin MS16-017
Security Update for Remote Desktop Display Driver to Address Elevation of Privilege (3134700)
»technet.microsoft.com/li ··· ms16-017

Microsoft Security Bulletin MS16-018
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082)
»technet.microsoft.com/li ··· ms16-018

Microsoft Security Bulletin MS16-019
Security Update for .NET Framework to Address Denial of Service (3137893)
»technet.microsoft.com/li ··· ms16-019

Microsoft Security Bulletin MS16-020
Security Update for Active Directory Federation Services to Address Denial of Service (3134222)
»technet.microsoft.com/li ··· ms16-020

Microsoft Security Bulletin MS16-021
Security Update for NPS RADIUS Server to Address Denial of Service (3133043)
»technet.microsoft.com/li ··· ms16-021

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact: For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

Microsoft Security Bulletin Minor Revisions Issued: January 27, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS15-106
* MS16-007
* MS15-OCT

Bulletin Information:

MS15-106

– Title: Cumulative Security Update for Internet Explorer
(3096441)
https://technet.microsoft.com/library/security/ms15-106.aspx
– Reason for Revision: V2.1 (January 27, 2016): Bulletin revised
to add CVE-2015-6184. This is an informational change only.
– Originally posted: October 13, 2015
– Updated: January 27, 2016
– Version: 2.1

MS16-007

– Title: Security Update for Microsoft Windows to Address Remote
Code Execution (3124901)
https://technet.microsoft.com/library/security/ms16-007.aspx
– Reason for Revision: V1.1 (January 27, 2016): 1) Added an Update
FAQ to explain that only certain versions of aepic.dll are affected
by CVE-2016-0018; therefore, some customers will not be offered update
3121461. 2) Added an Update FAQ to explain why some customers are not
being offered update 3109560. These are informational change only.
Customers who have already successfully installed the updates do not
need to take any further action.
– Originally posted: January 12, 2016
– Updated: January 27, 2016
– Version: 1.1

MS15-OCT

– Title: Microsoft Security Bulletin Summary for October 2015
https://technet.microsoft.com/library/security/ms15-oct.aspx
– Reason for Revision: V2.1 (January 27, 2016) For MS15-106,
Bulletin Summary revised to add CVE-2015-6184. This is an
informational change only.
– Originally posted: October 13, 2015
– Updated: January 27, 2016
– Version: 2.1

Microsoft Security Bulletin Minor Revisions Issued: January 19, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-JAN

Bulletin Information:

MS16-JAN

– Title: Microsoft Security Bulletin Summary for January 2016
https://technet.microsoft.com/library/security/ms16-jan.aspx
– Reason for Revision: V1.2 (January 19, 2016): Added a Known
Issues reference to the Executive Summaries table for MS16-004.
See Microsoft Knowledge Base Article 3114503 for more information.
– Originally posted: January 12, 2016
– Updated: January 19, 2016
– Version: 1.2

Microsoft Security Bulletin Minor Revisions Issued: January 14, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-006

Bulletin Information:

MS16-006

– Title: Security Update for Silverlight to Address Remote Code
Execution (3126036)
https://technet.microsoft.com/library/security/ms16-006.aspx
– Reason for Revision: V1.1 (January 14, 2016): Revised the
exploit status of CVE-2016-0034. At the time this security
bulletin was originally issued, Microsoft received a report
that could indicate a limited attack attempting to exploit
this vulnerability.
This is an informational change only. Customers who have
successfully installed the update do not need to take any
further action..
– Originally posted: January 12, 2016
– Updated: January 14, 2016
– Version: 1.1

Microsoft Security Bulletin Minor Revisions Issued: January 13, 2016

Security Bulletins / Advisories No Comments »

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-004
* MS16-005
* MS16-JAN

Bulletin Information:

MS16-004

– Title: Security Update for Security Update for Microsoft Office
to Address Remote Code Execution (3124585)
https://technet.microsoft.com/library/security/ms16-004.aspx
– Reason for Revision: V1.1 (January 13, 2016): For CVE-2016-0010,
clarified that the Preview Pane is an attack vector for this
vulnerability.
– Originally posted: January 12, 2016
– Updated: January 13, 2016
– Version: 1.1

MS16-005

– Title: Security Update for Windows Kernel-Mode Drivers to Address
Remote Code Execution (3124584)
https://technet.microsoft.com/library/security/ms16-005.aspx
– Reason for Revision: V1.1 (January 13, 2016): Corrected severity
and impact entries for Windows 10 in the Affected Software and
Vulnerability Severity Ratings table. This is an informational
change only. Customers who have successfully installed the update
do not need to take any further action.
– Originally posted: January 12, 2016
– Updated: January 13, 2016
– Version: 1.1

MS16-JAN

– Title: Microsoft Security Bulletin Summary for January 2016
https://technet.microsoft.com/library/security/ms15-jan.aspx
– Reason for Revision: V1.1 (January 13, 2016): Corrected the
Exploitability Assessment for CVE-2016-0034. This is an
informational change only.
– Originally posted: January 12, 2016
– Updated: January 13, 2016
– Version: 1.1

Microsoft Security Bulletin(s) for January 12, 2016

Security Bulletins / Advisories No Comments »

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/techne ··· security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/li ··· ms16-jan

Critical (6)

Microsoft Security Bulletin MS16-001
Cumulative Security Update for Internet Explorer (3124903)
»technet.microsoft.com/li ··· ms16-001

Microsoft Security Bulletin MS16-002
Cumulative Security Update for Microsoft Edge (3124904)
»technet.microsoft.com/li ··· ms16-002

Microsoft Security Bulletin MS16-003
Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540)
»technet.microsoft.com/li ··· ms16-003

Microsoft Security Bulletin MS16-004
Security Update for Microsoft Office to Address Remote Code Execution (3124585)
»technet.microsoft.com/li ··· ms16-004

Microsoft Security Bulletin MS16-005
Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584)
»technet.microsoft.com/li ··· ms16-005

Microsoft Security Bulletin MS16-006
Security Update for Silverlight to Address Remote Code Execution (3126036)
»technet.microsoft.com/li ··· ms16-006

Important (3)

Microsoft Security Bulletin MS16-007
Security Update for Microsoft Windows to Address Remote Code Execution (3124901)
»technet.microsoft.com/li ··· ms16-007

Microsoft Security Bulletin MS16-008
Security Update for Windows Kernel to Address Elevation of Privilege (3124605)
»technet.microsoft.com/li ··· ms16-008

Microsoft Security Bulletin MS16-010
Security Update in Microsoft Exchange Server to Address Spoofing (3124557)
»technet.microsoft.com/li ··· ms16-010

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact: For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

Microsoft Security Advisory Notification Issued: January 5, 2016

Security Bulletins / Advisories No Comments »

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2755801)
– Title: Update for Vulnerabilities in Adobe Flash Player in
Internet Explorer and Microsoft Edge
– Originally published: September 21, 2012
https://technet.microsoft.com/library/security/2755801
– Reason for Revision: V53.0 (January 5, 2016): Added the
3133431 update to the Current Update section.


© 2016 DP's Security Bits.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs

Featuring WPMU Bloglist Widget by YD WordPress Developer

Entries RSS Comments RSS Log in