Patch Tuesday October 2016

October 12, 2016

This Patch Tuesday introduces ten bulletins, half of which are critically rated. Starting this month, Microsoft is rolling out a new update process (similar to Windows 10) for Windows 7, 8.1, 2012, and 2012R2 systems. Details can be found here.

MS16-118: Cumulative Security Update for Internet Explorer (3192887)

Kicking things off in the usual fashion, Internet Explorer is patched for six memory corruptions, two elevation of privilege vulnerabilities, and three information disclosures. The memory corruption vulnerabilities are the most severe, allowing remote attackers to execute arbitrary code within the context of the current user.

MS16-119: Cumulative Security Update for Microsoft Edge (3192890)

Edge is back with a memory corruption within the browser and seven within the scripting engine, along with two information disclosures, an elevation of privilege, and a security feature bypass. Again, the most severe vulnerabilities are the memory corruptions. What’s troubling is that when Edge was rolled out, it was considered light years ahead of IE in terms of security. However, we’re seeing more and more vulnerabilities present themselves within Edge each month. This is one update you’ll not want to miss.

MS16-120: Security Update for Microsoft Graphics Component (3192884)

Microsoft Graphics Component makes a typical splash on this Patch Tuesday with seven separate vulnerabilities, two of which are considered critical. The critical vulnerabilities result in remote code execution, and the vulnerabilities rated important result in elevation of privilege and information disclosure. As usual these vulnerabilities stem from memory corruption when processing a malicious file. This should serve as yet another steady reminder to be careful about what links you click on, and verify the source of all email attachments. Two of these vulnerabilities were reported by Google Project Zero, one by Kaspersky Lab, and one by Qihoo 360 Vulcan Team.

MS16-121: Security Update for Microsoft Office (3194063)

Office is surprisingly patched for only one memory corruption vulnerability, giving this bulletin an important rating. Although only one vulnerability is to blame, it spans multiple products, including WebApps and SharePoint Server.

MS16-122: Security Update for Microsoft Video Control (3195360)

An unusual face on Patch Tuesday, Microsoft Video Control contains a critical vulnerability that could allow for remote code execution. In typical fashion, the software mishandles objects in memory, resulting in corruption. The code executed would have the same privileges as the user who opened the malicious file, so users should exercise least privilege in order to help mitigate this form of attack.

MS16-123: Security Update for Windows Kernel-Mode Drivers (3192892)

Kernel-Mode Drivers have been updated for multiple important-rated vulnerabilities, all resulting in elevation of privilege. Once again, the issue stems from improper handling of objects stored in memory. An authenticated user could install a specially crafted application that exploits the vulnerability, allowing them to run arbitrary code within kernel mode, elevating the user’s privilege beyond that of an administrator. Two of these vulnerabilities were reported by members of Google Project Zero, one by Qihoo 360 Vulcan Team, and one by Tencent.

MS16-124: Security Update for Windows Registry (3193227)

The Windows registry has come under the gun, with four newly discovered CVEs attached to its new knowledge base article. These vulnerabilities would let an attacker run a special application to gain access to information in the registry. The flaw lies in how the Kernel API handles access to registry information. The update restricts how the API handles this information.

MS16-125: Security Update for Diagnostics Hub (3193229)

Diagnostics Hub makes a casual appearance on this Patch Tuesday, with just one important-rated vulnerability. Exploiting the vulnerability would result in elevation of privilege. The vulnerability stems from improper sanitization of input, which could lead to insecure library loading. To exploit this vulnerability, an attacker would have to log on to the system and run a maliciously crafted application. This vulnerability was reported by Google Project Zero.

MS16-126: Security Update for Microsoft Internet Messaging API (3196067)

Microsoft Internet Messaging API has been found guilty of improperly handling objects in memory. A victim would have to navigate to a malicious website to be exploited. The attacker would then be able to test for the existence of files on the disk. This has been addressed by changing the way Internet Messaging API handles objects in memory.

MS16-127: Security Update for Adobe Flash Player (3194343)

This security update addresses the vulnerabilities released in Adobe security bulletin APSB16-32 that affect Internet Explorer 10 and 11, along with Edge. According to Adobe, all twelve vulnerabilities are critical. The code execution flaws include type confusion, memory corruption, and use-after-free vulnerabilities. The update also addresses one of the bigger issues, a security bypass that could allow a potential attacker to take control of the system.

Author, BeyondTrust Research Team
