Patch Tuesday June 2016

June 15, 2016


This month’s Patch Tuesday brings in 16 bulletins, 5 of which are Critical. The products under the Critical Severity Rating were Internet Explorer, Edge, JScript and VBScript, Office, and DNS Server. In total there are 44 vulnerabilities that are addressed.

MS16-063 Cumulative Security Update for Internet Explorer (3163649)

As our usual first suspect, Internet Explorer is patched for multiple vulnerabilities, including a memory corruption within the browser, JScript and VBScript engine memory corruption, an XSS filter bypass, and proxy discovery fixes. Similar to last month’s Internet Explorer bulletin, this bulletin is closely tied with the JScript and VBScript engine’s bulletin MS16-069.

MS16-068 Cumulative Security Update for Microsoft Edge (3163656)

Up next, Edge is patched for a security bypass within Content Security Policy, four memory corruption vulnerabilities, an information disclosure and remote code execution vulnerability when handling specially crafted PDF files. One thing to note is that CVE-2016-3222 was publicly disclosed prior to this bulletin's release; however, there are no reports of it being actively exploited.

MS16-069 Cumulative Security Update for JScript and VBScript (3163640)

As mentioned before, this bulletin is closely tied with the Internet Explorer bulletin; however, this patch applies to systems running IE7 and earlier. The update addresses three memory corruption vulnerabilities caused by how the JScript and VBScript engine handles objects in memory. Successful exploitation can allow a remote attacker to execute arbitrary code with the same user rights as the current user.

MS16-070 Security Update for Microsoft Office (3155544)

As usual, vulnerabilities in Office rear their ugly heads. The update addresses memory handling and input validation before loading libraries. The vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file, so it is important to verify that the file you are opening is actually from a valid source.

MS16-071 Security Update for Microsoft Windows DNS Server (3164065)

Windows Servers that are configured as DNS servers are at risk for a vulnerability where the DNS server fails to properly handle requests. The vulnerability could allow remote code execution if an attacker sends specially crafted requests to a DNS server, and would execute with the privileges of the local account.

MS16-072 Security Update for Group Policy (3163622)

This update addresses a vulnerability that can allow network Group Policies to be configured to grant administrator privileges to standard users. To exploit this vulnerability, an attacker would need to launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine.

MS16-073 Security Update for Windows Kernel-Mode Drivers (3164028)

Windows Kernel-Mode Drivers contain two elevation of privilege vulnerabilities, caused by improper handling of objects in memory. Additionally, an information disclosure vulnerability is addressed within the Windows Virtual PCI virtual service provider, which can allow attackers to gain knowledge of sensitive memory contents to aid in successful exploitation.

MS16-074 Security Update for Microsoft Graphics Component (3164036)

ASLR (Address Space Layout Randomization) protects users from a wide variety of vulnerabilities. This security update fixes a vulnerability wherein an attacker could manipulate the Windows Graphics Component to leak information to bypass ASLR. By bypassing ASLR, the attacker could then take advantage of any number of vulnerabilities that could lead to remote code execution.

MS16-075 Security Update for Windows SMB Server (3164038)

Similar to MS16-074, this vulnerability doesn’t directly grant arbitrary code execution, but in conjunction with other vulnerabilities it could lead to it. An attacker would first have to log on to the system, then run a specially crafted application. Then the attacker could forward an authentication request intended for the malicious application through the SMB Server and take control of an affected system.

MS16-076 Security Update for Netlogon (3167691)

A memory corruption vulnerability exists where a domain-authenticated attacker could make a specially-crafted NetLogon request to the domain controller, granting access to the target system.

MS16-077 Security Update for WPAD (3165191)

Sometimes being backwards compatible can hurt. An elevation of privilege vulnerability exists in Microsoft Windows when the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. An attacker who successfully exploited this vulnerability could bypass security and gain elevated privileges on a targeted system.

MS16-078 Security Update for Windows Diagnostic Hub (3165479)

An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library loading behavior. The attacker could then run arbitrary code with administrator privileges.

MS16-079 Security Update for Microsoft Exchange Server (3160339)

Is your mail leaking? This update resolves multiple vulnerabilities in Microsoft Exchange Server, the most severe of which could leak information to an attacker, allowing the victim to be identified, fingerprinted, and tracked online. When combined with other vulnerabilities, this attack could be amplified.

MS16-080 Security Update for Microsoft Windows PDF (3164302)

This bulletin resolves two information disclosures and a remote code execution vulnerability within Windows PDF. Successful exploitation involves an attacker enticing victims into opening a specially crafted PDF file, leading to code execution in the context of the current user.

MS16-081 Security Update for Active Directory (3160352)

What would a Patch Tuesday be without one or two Denial of Service (DoS) vulnerabilities? An authenticated attacker could cause a DoS by creating multiple machine accounts within Active Directory. This update addresses how machine accounts are created.

MS16-082 Security Update for Microsoft Windows Search Component (3165270)

This security update fixes a memory handling error that could be manipulated by attackers. The vulnerability could allow denial of service if an attacker logs on to a target system and runs a specially crafted application.

Author, BeyondTrust Research Team
