July, 2016: Patch Tuesday: Print Spooler Attacks Possible

Welcome to this months Patch Tuesday Bulletin. There are 11 patches in total, 6 critical severity and 6 patches fixing arbitrary code execution vulnerabilities. While there were no vulnerabilities identified as being exploited in the wild there was one patch for Windows Print Spooler Components (MS16-087) that could be actively attacked. Start the month with MS16-087 but quickly follow up with IE and Edge patches MS16-084 and MS16-085. Adobe Flash Player (MS16-093) should be next due to the fact it is often the target of attacks. Finish up the critical patches with MS16-086 for JScript/VBScript and MS16-088 for Office. MS16-090 fixes an elevation of privilege vulnerability that could be exploited by running a malicious application. MS16-089 and MS16-091 remediate information disclosure vulnerabilities in .Net and the Windows Kernel. Finsih up this month of patches with MS16-092 and MS16-094 that remediates security feature bypass issues with the Windows kernel and Secure Boot.

Dell Software empowers organizations of all sizes to experience Dell’s “power to do more” by delivering scalable yet simple-to-use solutions that can increase productivity, responsiveness and efficiency. Dell Software is uniquely positioned to address today’s most pressing business and IT challenges with holistic, connected software offerings across five core solution areas, encompassing data center and cloud management, information management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, helps customers simplify IT, mitigate risk and accelerate business results.

Advertisement


BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS16-084

3169991
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
No/NoYesCritical Internet Explorer 9
Internet Explorer 10
Internet Explorer 11
Multiple vulnerabilities, requires restartUpdate immediately
MS16-086

3169996
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoYesCritical Vista
Server 2008
May require restartUpdate immediately
MS16-085

3169999
Arbitrary code

/ Microsoft Edge
Workstations
Terminal Servers
No/NoNoCritical Microsoft Edge
Multiple vulnerabilities, requires restartUpdate immediately
MS16-087

3170005
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
Print Servers
No/NoNoCritical Vista
Server 2008
Server 2008 R2
Windows 7
Server 2012
Windows RT
Server 2012 R2
Windows 8.1
Windows 10
Multiple vulnerabilities, may require restartUpdate immediately
MS16-088

3170008
Arbitrary code

/ Microsoft Office, Office Services, Office Web Apps
Workstations
Terminal Servers
Sharepoint Servers
No/NoYesCritical Office 2007
Office 2010
Office 2011 for MAC
SharePoint Server 2010
SharePoint Server 2013
Office 2013 RT
Office 2013
Office 2013 Web Apps
Office 2010 Web Apps
Office 2016 for Mac
Office 2016
SharePoint Server 2016
Multiple vulnerabilities, may require restartUpdate immediately
MS16-091

3170048
Information disclosure

/ Microsoft .NET Framework
Web Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
  
MS16-089

3170050
Information disclosure

/ Microsoft Windows
Workstations
No/NoNoImportant Windows 10
Requires restartUpdate after testing
MS08-090

3171481
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Multiple vulnerabilities, requires restartUpdate after testing
MS16-092

3171910
Security feature bypass

/ Microsoft Windows
Workstations
Servers
No/NoNoImportant Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Multiple vulnerabilities, requires restartUpdate after testing
MS16-093

3174060
Arbitrary code

/ Adobe Flash Player
Workstations
Terminal Servers
Servers
No/NoYesCritical Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Multiple vulnerabilities, requires restartUpdate immediately
MS16-094

3177404
Security feature bypass

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoYesImportant Server 2012
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Requires restartUpdate after testing
Send me this chart next Patch Tuesday.
Email:
We will not share your address. Unsubscribe anytime.