Patch Analysis for December 2015

Welcome to this December Patch Tuesday Bulletin. This month we have patches for 10 arbitrary code execution vulnerabilities, 2 privilege elevation vulnerabilities. These patches update Internet Explorer, Edge, .NET, Office, Skype, Lync, Silverlight, DNS, and Windows. This month it is important to efficiently test and apply patches due to the high quantity of arbitrary code execution vulnerabilities and 2 vulnerabilities that are being exploited in the wild. Start with applying MS15-131 and MS15-135 since these patches fix software that is known to be attacked. Follow up with MS15-124 to resolve multiple vulnerabilities with Internet Explorer. Start working through MS15-126, MS15-127, MS15-128, MS15-129, and MS15-130 to fix arbitrary code execution vulnerabilities for common Microsoft software. Apply MS15-125 if Edge is used in the environment. Finally apply the 3 remaining important severity patches MS15-132, MS15-133, and MS15-134.

When it comes to endpoint security, the best first line of defense is patch management. Take the first step to quantifying your IT risk and enhancing your endpoint security posture with the Lumension® Patch Scanner you can:

  • Scan for OS and 3rd party application patches
  • Prioritize remediation to improve security stance
  • Gain visibility into apps being used in your environment
  • Generate web-based reports

Click here assess your vulnerabilities now

Visit the Lumension Patch Tuesday Center

BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS15-127

3100465
Arbitrary code

/ Microsoft Windows
DNS Servers
No/NoNoCritical Server 2008
Server 2008 R2
Server 2012
Server 2012 R2
Requires restartUpdate immediately
MS15-128

3104503
Arbitrary code

/ Microsoft .NET Framework, Office, Skype, Lync, Silverlight
Workstations
Terminal Servers
Servers
No/NoNoCritical Vista
Office 2007
Server 2008
Server 2008 R2
Windows 7
Office 2010
Silverlight 5
Lync 2010
Windows 8
Server 2012
Windows RT
Lync 2013
Server 2012 R2
Windows 8.1
Windows RT 8.1
.NET Framework 3.5
.NET Framework 3.5.1
.NET Framework 4
.NET Framework 4.5
.NET Framework 4.5.1
.NET Framework 3.0 SP2
.NET Framework 4.5.2
Silverlight 5 Developer
Live Meeting 2007
Windows 10
.NET Framework 4.6
Skype for Business 2016
Multiple vulnerabilities, requires restartUpdate immediately
MS15-129

3106614
Arbitrary code

/ Microsoft Silverlight
Workstations
Terminal Servers
No/NoYesCritical Silverlight 5
Silverlight 5 Developer
Multiple vulnerabilities, does not require restartUpdate immediately
MS15-134

3108669
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
No/NoYesImportant Vista
Windows 7
Windows 8
Windows 8.1
Multiple vulnerabilities, may require restartUpdate after testing
MS15-130

3108670
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
No/NoNoCritical Server 2008 R2
Windows 7
Requires restartUpdate immediately
MS15-131

3116111
Arbitrary code

/ Microsoft Office
Workstations
Terminal Servers
No/YesYesCritical Office 2007
Office 2010
Office 2011 for MAC
Office 2013 RT
Office 2013
Office 2016 for Mac
Office 2016
Multiple vulnerabilities, may require restartUpdate immediately
MS15-133

3116130
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Windows RT
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Requires restartUpdate after testing
MS15-132

3116162
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Windows RT
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Multiple vulnerabilities, may require restartUpdate after testing
MS15-126

3116178
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoYesCritical Vista
Server 2008
Multiple vulnerabilities, may require restartUpdate immediately
MS15-124

3116180
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
No/NoYesCritical Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Internet Explorer 10
Internet Explorer 11
Multiple vulnerabilities, requires restartUpdate immediately
MS15-125

3116184
Arbitrary code

/ Microsoft Edge
Workstations
Terminal Servers
No/NoNoCritical Edge
Multiple vulnerabilities, requires restartUpdate immediately
MS15-135

3119075
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/YesNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Windows RT
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Multiple vulnerabilities, requires restartUpdate after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.

 

Additional Resources