Microsoft Patch Tuesday: Security Bulletin Summary for November 2016


Microsoft Patch Tuesday November 2016 brings 14 security bulletins addressing 75 vulnerabilities. Six are rated Critical and eight are rated Important. A vulnerability management solution can fix these vulnerabilities.

The six Critical bulletins are as follows:

  • MS16-129 for Microsoft’s Edge browser covers 17 CVEs
  • MS16-130 for Microsoft Windows covers 3 CVEs
  • MS16-131 for Microsoft Video Control covers 1 CVE
  • MS16-132 for Microsoft Graphics Component covers 4 CVEs
  • MS16-141 for Adobe Flash Player covers 9 CVEs
  • MS16-142 for Internet Explorer covers 7 CVEs

The Critical vulnerabilities allow remote attackers to perform Remote Code Execution; a patch management solution can mitigate these. The other bulletins, which are rated Important, allow Remote Code Execution, Elevation of Privilege and Security Feature Bypass.

One zero-day vulnerability is addressed by the November 2016 Patch Tuesday update.
MS16-135 (CVE-2016-7255) addresses a Windows zero-day flaw that allows local privilege escalation and can also be used as a security sandbox escape. An attacker who logs on to an affected system and runs a specially crafted application could exploit the vulnerability, run arbitrary code in kernel mode, and take control of the affected system. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability (https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html).

Microsoft security bulletin summary for November 2016 in the order of severity:

MS16-129 : Vulnerabilities in Microsoft Edge (3199057)
Severity Rating: Critical
Affected Software: Microsoft Edge
Impact: Remote Code Execution

MS16-130 : Vulnerabilities in Microsoft Windows (3199172)
Severity Rating: Critical
Affected Software: Microsoft Windows
Impact: Remote Code Execution

MS16-131 : Vulnerabilities in Microsoft Video Control (3199151)
Severity Rating: Critical
Affected Software: Microsoft Video Control
Impact: Remote Code Execution

MS16-132 : Vulnerabilities in Microsoft Graphics (3199120)
Severity Rating: Critical
Affected Software: Microsoft Graphics Component
Impact: Remote Code Execution

MS16-141 : Vulnerabilities in Adobe Flash Player (3202790)
Severity Rating: Critical
Affected Software: Adobe Flash Player
Impact: Remote Code Execution

MS16-142 : Vulnerabilities in Internet Explorer (3198467)
Severity Rating: Critical
Affected Software: Internet Explorer
Impact: Remote Code Execution

MS16-133 : Vulnerabilities in Microsoft Office (3199168)
Severity Rating: Important
Affected Software: Microsoft Office
Impact: Remote Code Execution

MS16-134 : Vulnerabilities in Common Log File System Driver (3193706)
Severity Rating: Important
Affected Software: Windows Common Log File System (CLFS) driver
Impact: Elevation of Privilege

MS16-135 : Vulnerabilities in Windows Kernel-Mode Drivers (3199135)
Severity Rating: Important
Affected Software: Windows Kernel-Mode Drivers
Impact: Elevation of Privilege

MS16-136 : Vulnerabilities in Microsoft SQL Server (3199641)
Severity Rating: Important
Affected Software: Microsoft SQL Server
Impact: Elevation of Privilege

MS16-137 : Vulnerabilities in Windows Authentication Methods (3199173)
Severity Rating: Important
Affected Software: Microsoft Windows
Impact: Elevation of Privilege

MS16-138 : Vulnerabilities in Microsoft Virtual Hard Disk Driver (3199647)
Severity Rating: Important
Affected Software: Microsoft Virtual Hard Drive
Impact: Elevation of Privilege

MS16-139 : Vulnerabilities in Microsoft Windows Kernel (3199720)
Severity Rating: Important
Affected Software: Microsoft Windows Kernel
Impact: Elevation of Privilege

MS16-140 : Vulnerabilities in Boot Manager (3193479)
Severity Rating: Important
Affected Software: Boot Manager
Impact: Security Feature Bypass

SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download Saner now and keep your systems updated and secure.