February, 2016: Patch Tuesday:IE and Adobe Flash

Welcome to this February Patch Tuesday Bulletin. This month brings 6 critical and 7 important severity patches. While there are 7 potential arbitrary code execution flaws it appears that none of them are being attacked in the wild. Start the month with MS16-009 and MS16-022. These 2 patches deliver updates for Internet Explorer and Adobe Flash Player for a combined remediation of 35 vulnerabilities. Next apply MS16-012, MS16-013, MS16-015 since these patches fix flaws in core Windows functionality. If Microsoft Edge is in use then apply MS16-011. Next up is MS16-014 which is an important rated arbitrary code execution flaw. Follow that with MS16-016, MS16-017, MS16-018 to remediate the remaining important severity elevation of privilege vulnerabilities. Finally test and apply MS16-019, MS16-020, and MS16-021 to complete this months patches. Please take note that the Important rated severity patches are still often the target of attacks and elevating privileges can be just as important to attackers as executing code. Efficiently testing and applying patches is the best process for reducing attack surface in a patch management program.

Correlate application security events with all the other enterprise events

If your SIEM isn't getting the security events from Microsoft's enterprise applications, it is missing an important part of the story. SQL Server, Exchange and SharePoint audit logs are too important to be missing from your SIEM or log management solution. Find out more about how to audit these applications, and learn how to get their security audit event data into your SIEM.

Browse to www.logbinder.com/Solutions


BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS16-021

3133043
Denial of service

/ Microsoft Windows
Servers
No/NoNoImportant Server 2008
Server 2008 R2
Server 2012
Server 2012 R2
May require restartUpdate after testing
MS16-009

3134220
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
No/NoNoCritical Internet Explorer 9
Internet Explorer 10
Internet Explorer 11
Multiple vulnerabilities, requires restartUpdate immediately
MS16-020

3134222
Denial of service

/ Microsoft Windows
Servers
No/NoNoImportant Server 2012 R2
May require restartUpdate after testing
MS16-011

3134225
Arbitrary code

/ Microsoft Edge
Workstations
Terminal Servers
No/NoNoCritical Edge
Multiple vulnerabilities, requires restartUpdate immediately
MS16-015

3134226
Arbitrary code

/ Microsoft Office
Workstations
Terminal Servers
Sharepoint Servers
No/NoNoCritical Office 2007
SharePoint Server 2007
Office 2010
Office 2011 for MAC
Office Web Apps 2010
SharePoint Server 2010
SharePoint Server 2013
Office 2013 RT
Office 2013
Office 2016 for Mac
Office 2016
Office Web Apps 2013
SharePoint Foundation 2013
Multiple vulnerabilities, may require restartUpdate immediately
MS16-014

3134228
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoYesImportant Vista
Server 2008
Server 2008 R2
Windows 7
Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Multiple vulnerabilities, requires restartUpdate after testing
MS16-017

3134700
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoYesImportant Windows 7
Server 2012
Server 2012 R2
Windows 8.1
Windows 10
Requires restartUpdate after testing
MS16-013

3134811
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
No/NoYesCritical Vista
Server 2008
Server 2008 R2
Windows 7
Server 2012
Server 2012 R2
Windows 8.1
Windows 10
May require restartUpdate immediately
MS16-022

3135782
Arbitrary code

/ Adobe Flash Player
Workstations
Terminal Servers
Servers
No/NoNoCritical Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Multiple vulnerabilities, requires restartUpdate immediately
MS16-016

3136041
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoYesImportant Vista
Server 2008
Server 2008 R2
Windows 7
Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
May require restartUpdate after testing
MS16-018

3136082
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Requires restartUpdate after testing
MS16-019

3137893
Denial of service

/ Microsoft .NET Framework
Workstations
Terminal Servers
No/NoNoImportant .NET Framework 2.0 SP2
.NET Framework 3.5
.NET Framework 3.5.1
.NET Framework 4.5.2
.NET Framework 4.6
.NET Framework 4.6.1
Multiple vulnerabilities, may require restartUpdate after testing
MS16-012

3138938
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
No/NoNoCritical Server 2012
Server 2012 R2
Windows 8.1
Windows 10
Multiple vulnerabilities, may require restartUpdate immediately
Send me this chart next Patch Tuesday.
Email:
We will not share your address. Unsubscribe anytime.