Patch Tuesday: Microsoft Security Bulletin Summary For September 2016

  • Post author:
  • Reading time:5 mins read

sep-2016Microsoft Microsoft Patch Tuesday September 2016 brings 14 Security Bulletins addressing a total of 50 vulnerabilities. Seven Security Bulletins are rated as Critical and Seven are rated as Important. A vulnerability management solution can help deal with these vulnerabilities.

This month Seven bulletins are rated as Critical : MS16-104 for Internet Explorer, MS16-105 for Microsoft Edge,  MS16-106 for Microsoft Graphics Component, MS16-107 for Microsoft Office, MS16-108 for Microsoft Exchange, MS16-116 for Window OLE Automation for VBScript Scripting Engine, and MS16-117 for Adobe Flash Player. The critical vulnerabilities can be patched immediately using a patch management solution.

These Critical vulnerabilities allow remote attackers to perform Remote Code Execution. The other bulletins which are marked as important allow remote attackers to conduct a Denial of Service attack, or even execute arbitrary code with Elevated Privileges.

One Zero day vulnerability is addressed by MS16-104 (CVE-2016-3551) which is known to have been exploited in the wild  by AdGholas and GooNky Malvertising Groups, to conduct a massive, long-running malvertising operation.

Microsoft Patch Tuesday September 2016 in the order of severity:

MS16-104Vulnerabilities in Internet Explorer (3183038)
Severity Rating: Critical
Affected Software: Internet Explorer
Impact: Remote Code Execution

MS16-105Vulnerabilities in Microsoft Edge (3183043)
Severity Rating: Critical
Affected Software: Microsoft Edge
Impact: Remote Code Execution

MS16-106 : Vulnerabilities in Microsoft Graphics Component (3185848)
Severity Rating: Critical
Affected Software: Microsoft Graphics Component
Impact: Remote Code Execution

MS16-107Vulnerabilities in Microsoft Office (3185852)
Severity Rating: Critical
Affected Software: Microsoft Office
Impact: Remote Code Execution

MS16-108Vulnerabilities in Microsoft Exchange Server (3185883)
Severity Rating: Critical
Affected Software: Microsoft Exchange Server
Impact: Remote Code Execution

MS16-116 : Vulnerability in Window OLE Automation for VBScript Scripting Engine (3188724)
Severity Rating: Critical
Affected Software: VBScript Scripting Engine
Impact: Remote Code Execution

MS16-117Vulnerability in Adobe Flash Player (3188128)
Severity Rating: Critical
Affected Software: Adobe Flash Player
Impact: Remote Code Execution

MS16-109 : Vulnerability in how Microsoft Silverlight (3182373)
Severity Rating: Important
Affected Software: Microsoft Silverlight
Impact: Remote Code Execution

MS16-110 : Vulnerabilities in Microsoft Windows (3178467)
Severity Rating: Important
Affected Software: Microsoft Windows
Impact: Elevation of Privilege or Denial of Service

MS16-111 : Vulnerabilities in Windows Kernel (3186973)
Severity Rating: Important
Affected Software: Windows Kernel
Impact: Elevation of Privilege

MS16-112 : Vulnerabilities in Microsoft Windows Lock Screen (3178469)
Severity Rating: Important
Affected Software: Windows Lock Screen
Impact: Elevation of Privilege

MS16-113 : Vulnerabilities in Microsoft Windows Secure Kernel Mode (3185876)
Severity Rating: Important
Affected Software: Windows Secure Kernel Mode
Impact: Information Disclosure

MS16-115 : Vulnerabilities in Microsoft Windows PDF Library (3188733)
Severity Rating: Important
Affected Software: Microsoft Windows PDF Library
Impact: Information Disclosure

SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.