Patch Analysis for December 2016

Welcome to this December Patch Monday Bulletin. December has been a fairly active month for updates and for attacks. Adobe Flash (CVE-2016-7892) is being actively attacked against 32-bit Internet Explorer on Windows. Exploiting this vulnerability could lead to arbitrary code execution on the victim machine. It is a good idea to test and deploy the Flash update as soon as possible. A large number of Adobe products were affected this month, so review and update the additional products that are in your environment. Update Google Chrome or Mozilla Firefox if they are used within your environment; both browsers have updates that address numerous CVEs. Finally, review Apple iTunes and iCloud. They both suffer from similar vulnerabilities and may be installed by users to access Apple services.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia, which documents all of the Security Log event IDs for Windows Server OSes. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of non-MS patches that affect Windows platforms in the past month.

Patch data provided by: LOGbinder.com

| Identifier | Vendor/Product | Product Version Affected | Date Released by Vendor | Vulnerability Info | Vendor Severity / Our Recommendation |
|---|---|---|---|---|---|
| CVE-2016-7891 | Adobe RoboHelp | 2015.0.3 and earlier; 11 and earlier | 12/13/2016 | Cross-Site Scripting | Important Priority 3: Update at admin’s discretion |
| Multiple CVEs | Adobe Digital Editions | 4.5.2 and earlier | 12/13/2016 | Information Disclosure | Important Priority 3: Update at admin’s discretion |
| CVE-2016-7887 | Adobe ColdFusion Builder | 2016 update 2 and earlier; 3.0.3 and earlier | 12/13/2016 | Information Disclosure | Important Priority 2: Update within 30 days |
| CVE-2016-7886 | Adobe InDesign | 11.41 and earlier; InDesign Server 11.0.0 and earlier | 12/13/2016 | Arbitrary Code Execution | Critical Priority 3: Update at admin’s discretion |
| Multiple CVEs | Adobe Experience Manager | 6.2, 6.1, 6.0 | 12/13/2016 | Cross-Site Scripting, Cross-Site Request Forgery | Important Priority 2: Update within 30 days |
| CVE-2016-7856 | Adobe DNG Converter | 9.7 and earlier | 12/13/2016 | Arbitrary Code Execution | Critical Priority 3: Update at admin’s discretion |
| Multiple CVEs | Adobe Experience Manager Forms | AEM Forms 6.2, 6.1, 6.0; LiveCycle 11.0.1, 10.0.4 | 12/13/2016 | Cross-Site Scripting | Important Priority 3: Update at admin’s discretion |
| Multiple CVEs | Adobe Flash Player | Win/Mac 23.0.0.207 and earlier; Linux 11.2.202.644 and earlier | 12/13/2016 | Arbitrary Code Execution | Critical Priority 1: Update in 72 hours |
| CVE-2016-7866 | Adobe Animate | 15.2.1.95 and earlier versions | 12/13/2016 | Arbitrary Code Execution | Critical Priority 3: Update at admin’s discretion |
| Multiple CVEs | Apple iCloud | Win: before 6.1 | 12/13/2016 | Arbitrary Code Execution, Denial of Service, Information Disclosure | Update as soon as possible |
| Multiple CVEs | Apple iTunes | Win: before 12.5.4 | 12/13/2016 | Arbitrary Code Execution, Denial of Service, Information Disclosure | Update as soon as possible |
| Multiple CVEs | Google Chrome | Before 55.0.2883.87 | 12/9/2016 | Cross-Site Scripting, Security Bypass, Local File Disclosure, Spoofing | Update as soon as possible |
| Multiple CVEs | Mozilla Firefox | Before 50.1/ESR 45.6 | 12/13/2016 | Security Bypass, Denial of Service, HTML Injection | Update after testing |
