Welcome to this September Patch Tuesday Bulletin. This month is stepping it up a notch from August with 14 bulletins total, 7 critical arbitrary code execution and 7 important. There was one vulnerability that is known to be exploited in the wild this month and it results in information disclosure. Start the month, as usual, with Internet Explorer and Edge by applying MS16-104 and MS16-105. Adobe Flash is a popular target so be sure to apply MS16-117 to update flash player installed on Windows. Follow up with MS16-107 and MS16-108 since these two bulletins address critical code execution vulnerabilities in Microsoft Office and Exchange which are present in almost every organization. Apply the remaining critical bulletins that include MS16-106 and MS16-116. MS16-109 remediates a vulnerability in Silverlight and could be exploited by visiting a malicious website. MS16-114 fixes an important vulnerability that could allow code execution if malicious network traffic was directed at a vulnerable SMBv1 server. MS16-110 and MS16-111 are both important rated bulletins that require local access to exploit. MS16-112 is an interesting bulletin. If malicious web content is loaded from a lock screen then an attacker could potentially elevate their privileges. Finally, apply MS16-113 and MS16-115 to remediate two information disclosure vulnerabilities.

You can’t remediate the most vulnerable point on your network; your users, but you can patch the vulnerabilities commonly used to exploit them to gain a foothold in your environment: Get an edge with Shavlik's Patch Tuesday Analysis

• Prioritize updates from Microsoft and 3^rd Party vendors
• Identify vulnerabilities targeting users
• Manage your virtual infrastructure with VMworld 2016 Security Gold Award winning Shavlik Protect
• Flexible architecture to manage servers agentless and endpoints with Agents and Cloud Agents

Click here to get started with Shavlik Protect