Hello everyone,

This is Kelly Housman with the Microsoft Patch Tuesday newsletter for September 13, 2016.

 

Welcome to the September Patch Tuesday update. This month was busy month where Microsoft released a total of Fourteen(14) new security bulletins, including one for Adobe Flash . For this month, Seven (7) of these are rated Critical. These are the types of vulnerabilities that system administrators are usually the most concerned about and attempt to patch as quickly as possible. The remaining Seven (7) are rated Important.

 

Clarification of the Intel Security Coverage column in the table below

Some Microsoft bulletins include multiple vulnerabilities. The Covered Products and Under Analysis sections will list Intel Security products for *any* of the vulnerabilities included in the Microsoft bulletin. You may see an Intel Security product listed in both sections, which would indicate that it is Covered for one of the vulnerabilities in the bulletin and Under Analysis for one of the other vulnerabilities. The details for each individual vulnerability are provided in the McAfee Labs Security Advisory Number.

 

This month’s patches include the following:

Bulletin
  Number

KB
  Number

Title

Bulletin
  Rating (highest )

Vulnerability
  Impact

McAfee
  Labs Security Advisory Number

Intel
  Security Coverage

MS16-104

3183038

Cumulative Security Update for Internet Explorer

Critical

-Memory Corruption

-Information disclosure

-Elevation of Privilege

-Security Bypass

MTIS16-049

Covered Products:

  • NSP
  • Application Control
  • BOP
  • Host IPS
  • Vulnerability Manager

Under Analysis:

  • Web Gateway
  • DAT
  • Firewall Enterprise

MS16-105

3183043

Cumulative Security Update for Microsoft Edge

Critical

-Memory Corruption

-Information Disclosure

MTIS16-049

Covered Products:

  • NSP
  • Application Control
  • Vulnerability Manager

Under Analysis:

  • Web Gateway
  • DAT
  • Firewall Enterprise

MS16-106

3185848

Security Update for Microsoft Graphics Component

Critical

-Remote Code Execution

-Elevation of Privileges

-Information Disclosure

MTIS16-050

Covered Products:

  • Application Control
  • Host IPS
  • NSP
  • Vulnerability Manager

Under Analysis:

  • Firewall Enterprise

MS16-107

3185852

Security Update for Office

Critical

-Memory Corruption

-Security Bypass

-Information Disclosure

-Spoofing

MTIS16-050

Covered Products:

  • Application Control
  • NSP
  • Host IPS
  • Vulnerability Manager
  • BOP
  • Under Analysis:
  • Web Gateway
  • DAT
  • Firewall Enterprise

MS16-108

3185883

Security Update for Microsoft Exchange Server

Critical

-Open Redirect

-Information Disclosure

-Elevation of Privileges

MTIS16-050

Covered Products:

  • Vulnerability Manager

Under Analysis:

  • Firewall  Enterprise

MS16-109

3182373

Security Update for Silverlight

Important

-Memory Corruption

MTIS16-050

Covered Products:

  • Application Control
  • Vulnerability Manager
  • BOP
  • Host IPS

Under Analysis:

  • Firewall Enterprise

MS16-110

3178467

Security Update for Windows

Important

-Elevation of Privilege

-Information Disclosure

-Remote Code Execution

-Denial of Service

MTIS16-051

Covered Products:

  • NSP
  • Web Gateway
  • BOP
  • Application Control
  • Vulnerability Manager

Under Analysis:

  • Firewall Enterprise

MS16-111

3186973

Security Update for Windows Kernel

Important

-Elevation  of Privilege

MTIS16-051

Covered Products:

  • NSP
  • Vulnerability Manager

Under Analysis:

  • Firewall Enterprise

MS16-112

3178469

Security Update for Windows Lock Screen

Important

-Elevation  of Privilege

MTIS16-051

Covered  Products:

  • Vulnerability Manager

Under Analysis:

  • Firewall Enterprise

MS16-113

3185876

Security Update for Windows Secure Kernel Mode

Important

-Information Disclosure

MTIS16-051

Covered Products:

  • Vulnerability  Manager

Under Analysis:

  • Firewall Enterprise

MS16-114

3185879

Security Update for Windows SMBv1 Server

Important

-Remote Code Execution

MTIS16-051

Covered Products:

  • Vulnerability Manager

Under Analysis:

  • Firewall Enterprise
  • Web Gateway

MS16-115

3188733

Security Update for Windows PDF Library

Important

-Remote Code Execution

MTIS16-051

Covered Products:

  • NSP
  • Vulnerability Manager

Under Analysis:

  • Firewall Enterprise

MS16-116

3188724

Security Update  in OLE Automation for VBScript Scripting Engine

Critical

-Information Disclosure

MTIS16-051

Covered Products:

  • Application Control
  • BOP
  • Host IPS
  • NSP
  • Vulnerability Manager

Under  Analysis:

  • Firewall Enterprise
  • Web Gateway
  • DAT

MS16-117

3188128

Security Update for Adobe Flash Player

Critical

N/A

N/A

Covered  Products:

  • Not  Tested

Under  Analysis:

  • Not  Tested