Microsoft security alert.
October 11, 2016
Advisory overview
Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 48 vulnerabilities that were fixed in 10 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Vulnerability details
Microsoft has released 10 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
-
Microsoft Video Control Remote Code Execution Vulnerability (MS16-122)
- Severity
- Urgent 5
- Qualys ID
- 91285
- Vendor Reference
- MS16-122
- CVE Reference
- CVE-2016-0142
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Microsoft Video Control fails to properly handle objects in memory.
This security update is rated Critical on the following client operating systems: Microsoft Windows Vista, Windows 7, Windows 8.1, Windows RT 8.1, and Windows 10.
- Consequence
- An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. However, an attacker must first convince a user to open either a specially crafted file or a program from either a webpage or an email message.
- Solution
-
Customers are advised to refer to MS16-122 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-122 Windows 10 Version 1511 for 32-bit Systems
MS16-122 Windows 10 Version 1511 for x64-based Systems
MS16-122 Windows 10 Version 1607 for 32-bit Systems
MS16-122 Windows 10 Version 1607 for x64-based Systems
MS16-122 Windows 10 for 32-bit Systems
MS16-122 Windows 10 for x64-based Systems
MS16-122 Windows 7 for 32-bit Systems Service Pack 1
MS16-122 Windows 7 for 32-bit Systems Service Pack 1
MS16-122 Windows 7 for x64-based Systems Service Pack 1
MS16-122 Windows 7 for x64-based Systems Service Pack 1
MS16-122 Windows 8.1 for 32-bit Systems
MS16-122 Windows 8.1 for 32-bit Systems
MS16-122 Windows 8.1 for x64-based Systems
MS16-122 Windows 8.1 for x64-based Systems
MS16-122 Windows Vista Service Pack 2
MS16-122 Windows Vista x64 Edition Service Pack 2
-
Microsoft Office Remote Code Execution Vulnerabilities (MS16-121)
- Severity
- Urgent 5
- Qualys ID
- 110284
- Vendor Reference
- MS16-121
- CVE Reference
- CVE-2016-7193
- CVSS Scores
- Base 9.3 / Temporal 8.1
- Description
-
An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files.
The update addresses the vulnerability by changing the way Microsoft Office software handles RTF content.
Microsoft Office Software and Microsoft Office Services and Web Apps are affected. - Consequence
- The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.
- Solution
-
Refer to MS16-121 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-121 Microsoft Office 2010 Service Pack 2 (32-bit editions)
MS16-121 Microsoft Office 2010 Service Pack 2 (64-bit editions)
MS16-121 Microsoft Office Compatibility Pack Service Pack 3
MS16-121 Microsoft Office Web Apps 2010 Service Pack 2
MS16-121 Microsoft Office Web Apps Server 2013 Service Pack 1
MS16-121 Microsoft Word 2007 Service Pack 3
MS16-121 Microsoft Word 2010 Service Pack 2 (32-bit editions)
MS16-121 Microsoft Word 2010 Service Pack 2 (64-bit editions)
MS16-121 Microsoft Word 2013 Service Pack 1 (32-bit editions)
MS16-121 Microsoft Word 2013 Service Pack 1 (64-bit editions)
MS16-121 Microsoft Word 2016 (32-bit edition)
MS16-121 Microsoft Word 2016 (64-bit edition)
MS16-121 Microsoft Word 2016 for Mac
MS16-121 Microsoft Word Viewer
MS16-121 Microsoft Word for Mac 2011
MS16-121 Office Online Server
MS16-121 Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
MS16-121 Word Automation Services on Microsoft SharePoint Server 2013 Service Pack 1
-
Microsoft Cumulative Security Update for Internet Explorer (MS16-118)
- Severity
- Urgent 5
- Qualys ID
- 100297
- Vendor Reference
- MS16-118
- CVE Reference
- CVE-2016-3267, CVE-2016-3298, CVE-2016-3331, CVE-2016-3382, CVE-2016-3383, CVE-2016-3384, CVE-2016-3385, CVE-2016-3387, CVE-2016-3388, CVE-2016-3390, CVE-2016-3391
- CVSS Scores
- Base 9.3 / Temporal 8.1
- Description
-
This security update is rated Critical for Internet Explorer 9 (IE 9), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.
The update addresses the vulnerabilities by correcting how Internet Explorer handles:
objects in memory
namespace boundaries - Consequence
- The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Solution
-
Customers are advised to refer to Microsoft Advisory MS16-118 for more details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-118 Windows 10 Version 1511 for 32-bit Systems
MS16-118 Windows 10 Version 1511 for x64-based Systems
MS16-118 Windows 10 Version 1607 for 32-bit Systems
MS16-118 Windows 10 Version 1607 for x64-based Systems
MS16-118 Windows 10 for 32-bit Systems
MS16-118 Windows 10 for x64-based Systems
MS16-118 Windows 7 for 32-bit Systems Service Pack 1Monthly Roll Up(Internet Explorer 11)
MS16-118 Windows 7 for 32-bit Systems Service Pack 1Security Only(Internet Explorer 11)
MS16-118 Windows 7 for x64-based Systems Service Pack 1Monthly Roll-Up(Internet Explorer 11)
MS16-118 Windows 7 for x64-based Systems Service Pack 1Security Only(Internet Explorer 11)
MS16-118 Windows 8.1 for 32-bit Systems Security Only(Internet Explorer 11)
MS16-118 Windows 8.1 for 32-bit SystemsMonthly Roll-Up(Internet Explorer 11)
MS16-118 Windows 8.1 for x64-based SystemsMonthly Roll-Up(Internet Explorer 11)
MS16-118 Windows 8.1 for x64-based SystemsSecurity Only(Internet Explorer 11)
MS16-118 Windows Server 2008 R2 for x64-based Systems Service Pack 1Monthly Roll-Up(Internet Explorer 11)
MS16-118 Windows Server 2008 R2 for x64-based Systems Service Pack 1Security Only(Internet Explorer 11)
MS16-118 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 9)
MS16-118 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 9)
MS16-118 Windows Server 2012 Monthly Roll-Up(Internet Explorer 10)
MS16-118 Windows Server 2012 Security Only(Internet Explorer 10)
MS16-118 Windows Server 2012 R2Monthly Roll-Up(Internet Explorer 11)
MS16-118 Windows Server 2012 R2Security Only(Internet Explorer 11)
MS16-118 Windows Vista Service Pack 2(Internet Explorer 9)
MS16-118 Windows Vista x64 Edition Service Pack 2(Internet Explorer 9)
-
Microsoft Edge Cumulative Security Update (MS16-119)
- Severity
- Serious 3
- Qualys ID
- 91283
- Vendor Reference
- MS16-119
- CVE Reference
- CVE-2016-3267, CVE-2016-3331, CVE-2016-3382, CVE-2016-3386, CVE-2016-3387, CVE-2016-3388, CVE-2016-3389, CVE-2016-3390, CVE-2016-3391, CVE-2016-3392, CVE-2016-7189, CVE-2016-7190, CVE-2016-7194
- CVSS Scores
- Base 9.3 / Temporal 8.1
- Description
-
This security update is rated Critical for Microsoft Edge on Windows 10. The update addresses the vulnerabilities by:
modifying how Microsoft Edge and certain functions handle objects in memory.
modifying how the Chakra JavaScript scripting engine handles objects in memory.
restricting what information is returned to Microsoft Edge.
changing the way Microsoft Browsers store credentials in memory.
correcting how Microsoft Browsers handle namespace boundaries.
correcting how Microsoft Edge Content Security Policy validates documents. - Consequence
-
The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.
- Solution
-
Customers are advised to refer to Microsoft Security Bulletin MS16-119 for details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-119 Windows 10 Version 1511 for 32-bit Systems
MS16-119 Windows 10 Version 1511 for x64-based Systems
MS16-119 Windows 10 Version 1607 for 32-bit Systems
MS16-119 Windows 10 Version 1607 for x64-based Systems
MS16-119 Windows 10 for 32-bit Systems
MS16-119 Windows 10 for x64-based Systems
-
Microsoft Windows Graphics Component Security Update (MS16-120)
- Severity
- Urgent 5
- Qualys ID
- 91287
- Vendor Reference
- MS16-120
- CVE Reference
- CVE-2016-3209, CVE-2016-3262, CVE-2016-3263, CVE-2016-3270, CVE-2016-3393, CVE-2016-3396, CVE-2016-7182
- CVSS Scores
- Base 10 / Temporal 8.7
- Description
-
- A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory.
- A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts.
- Multiple information disclosure vulnerabilities exist in the way that the Windows Graphics Device Interface (GDI) handles objects in memory.
- An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory.
- An elevation of privilege vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory.
This security update is rated Critical for all supported releases of Microsoft Windows. This security update is rated Important for affected editions of Microsoft Office 2007 and Microsoft Office 2010 affected editions of Skype for Business 2016, Microsoft Lync 2013, and Microsoft Lync 2010 affected editions of Microsoft .NET Framework affected editions of Silverlight.
- Consequence
- Successful exploitation allows remote code execution.
- Solution
-
Customers are advised to refer to Microsoft Advisory MS16-120 for more details pertaining to this vulnerability.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-120 Microsoft Live Meeting 2007 Console
MS16-120 Microsoft Lync 2010
MS16-120 Microsoft Lync 2010
MS16-120 Microsoft Lync 2010 Attendee
MS16-120 Microsoft Lync 2010 Attendee
MS16-120 Microsoft Lync 2013 Service Pack 1
MS16-120 Microsoft Lync 2013 Service Pack 1
MS16-120 Microsoft Lync Basic 2013 Service Pack 1
MS16-120 Microsoft Lync Basic 2013 Service Pack 1
MS16-120 Microsoft Office 2007 Service Pack 3
MS16-120 Microsoft Office 2010 Service Pack 2 (32-bit editions)
MS16-120 Microsoft Office 2010 Service Pack 2 (64-bit editions)
MS16-120 Microsoft Silverlight 5
MS16-120 Microsoft Silverlight 5 Developer Runtime
MS16-120 Microsoft Word Viewer
MS16-120 Skype for Business 2016
MS16-120 Skype for Business 2016
MS16-120 Skype for Business Basic 2016
MS16-120 Skype for Business Basic 2016
MS16-120 Windows 10 Version 1511 for 32-bit Systems
MS16-120 Windows 10 Version 1511 for x64-based Systems
MS16-120 Windows 10 Version 1607 for 32-bit Systems
MS16-120 Windows 10 Version 1607 for x64-based Systems
MS16-120 Windows 10 for 32-bit Systems
MS16-120 Windows 10 for x64-based Systems
MS16-120 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS16-120 Windows 7 for 32-bit Systems Service Pack 1
MS16-120 Windows 7 for 32-bit Systems Service Pack 1
MS16-120 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS16-120 Windows 7 for x64-based Systems Service Pack 1
MS16-120 Windows 7 for x64-based Systems Service Pack 1
MS16-120 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS16-120 Windows 8.1 for 32-bit Systems
MS16-120 Windows 8.1 for 32-bit Systems
MS16-120 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 3.5)
MS16-120 Windows 8.1 for x64-based Systems
MS16-120 Windows 8.1 for x64-based Systems
MS16-120 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS16-120 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-120 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-120 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS16-120 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-120 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-120 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS16-120 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS16-120 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4.5.2)
MS16-120 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4.6)
MS16-120 Windows Server 2008 for 32-bit Systems Service Pack 2
MS16-120 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS16-120 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS16-120 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4.5.2)
MS16-120 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4.6)
MS16-120 Windows Server 2008 for x64-based Systems Service Pack 2
MS16-120 Windows Server 2012(Microsoft .NET Framework 3.5)
MS16-120 Windows Server 2012
MS16-120 Windows Server 2012
MS16-120 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS16-120 Windows Server 2012 R2(Microsoft .NET Framework 3.5)
MS16-120 Windows Server 2012 R2
MS16-120 Windows Server 2012 R2
MS16-120 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 3.5)
MS16-120 Windows Vista Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS16-120 Windows Vista Service Pack 2(Microsoft .NET Framework 4.5.2)
MS16-120 Windows Vista Service Pack 2(Microsoft .NET Framework 4.6)
MS16-120 Windows Vista Service Pack 2
MS16-120 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS16-120 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4.5.2)
MS16-120 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4.6)
MS16-120 Windows Vista x64 Edition Service Pack 2
-
Microsoft Windows Security Update for Kernel-Mode Drivers (MS16-123)
- Severity
- Critical 4
- Qualys ID
- 91289
- Vendor Reference
- MS16-123
- CVE Reference
- CVE-2016-3266, CVE-2016-3341, CVE-2016-3376, CVE-2016-7185, CVE-2016-7191
- CVSS Scores
- Base 10 / Temporal 8.3
- Description
-
Multiple elevation of privilege vulnerabilities exist when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit these vulnerabilities, an attacker would first have to log on to the system.
The update addresses the vulnerabilities by correcting how the Windows kernel-mode driver handles objects in memory.This security update is rated Important for all supported releases of Windows.
- Consequence
- Successful exploitation could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
- Solution
-
Customers are advised to refer to MS16-123 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-123 Windows 10 Version 1511 for 32-bit Systems
MS16-123 Windows 10 Version 1511 for x64-based Systems
MS16-123 Windows 10 Version 1607 for 32-bit Systems
MS16-123 Windows 10 Version 1607 for x64-based Systems
MS16-123 Windows 10 for 32-bit Systems
MS16-123 Windows 10 for x64-based Systems
MS16-123 Windows 7 for 32-bit Systems Service Pack 1
MS16-123 Windows 7 for 32-bit Systems Service Pack 1
MS16-123 Windows 7 for x64-based Systems Service Pack 1
MS16-123 Windows 7 for x64-based Systems Service Pack 1
MS16-123 Windows 8.1 for 32-bit Systems
MS16-123 Windows 8.1 for 32-bit Systems
MS16-123 Windows 8.1 for x64-based Systems
MS16-123 Windows 8.1 for x64-based Systems
MS16-123 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-123 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-123 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-123 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-123 Windows Server 2008 for 32-bit Systems Service Pack 2
MS16-123 Windows Server 2008 for 32-bit Systems Service Pack 2
MS16-123 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS16-123 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS16-123 Windows Server 2008 for x64-based Systems Service Pack 2
MS16-123 Windows Server 2008 for x64-based Systems Service Pack 2
MS16-123 Windows Server 2012
MS16-123 Windows Server 2012
MS16-123 Windows Server 2012 R2
MS16-123 Windows Server 2012 R2
MS16-123 Windows Vista Service Pack 2
MS16-123 Windows Vista Service Pack 2
MS16-123 Windows Vista x64 Edition Service Pack 2
MS16-123 Windows Vista x64 Edition Service Pack 2
-
Microsoft Windows Security Update for Windows Registry (MS16-124)
- Severity
- Critical 4
- Qualys ID
- 91288
- Vendor Reference
- MS16-124
- CVE Reference
- CVE-2016-0070, CVE-2016-0073, CVE-2016-0075, CVE-2016-0079
- CVSS Scores
- Base 4.3 / Temporal 3.6
- Description
-
Multiple elevation of privilege vulnerabilities exist in Microsoft Windows when a Windows kernel API improperly allows a user to access sensitive registry information.
Microsoft released a security update to correct how the kernel API restricts access to this information.
This security update is rated Important for all supported releases of Microsoft Windows.
- Consequence
-
The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
- Solution
-
Customers are advised to refer to MS16-124 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-124 Windows 10 Version 1511 for 32-bit Systems
MS16-124 Windows 10 Version 1511 for x64-based Systems
MS16-124 Windows 10 Version 1607 for 32-bit Systems
MS16-124 Windows 10 Version 1607 for x64-based Systems
MS16-124 Windows 10 for 32-bit Systems
MS16-124 Windows 10 for x64-based Systems
MS16-124 Windows 7 for 32-bit Systems Service Pack 1
MS16-124 Windows 7 for 32-bit Systems Service Pack 1
MS16-124 Windows 7 for x64-based Systems Service Pack 1
MS16-124 Windows 7 for x64-based Systems Service Pack 1
MS16-124 Windows 8.1 for 32-bit Systems
MS16-124 Windows 8.1 for 32-bit Systems
MS16-124 Windows 8.1 for x64-based Systems
MS16-124 Windows 8.1 for x64-based Systems
MS16-124 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-124 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-124 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-124 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-124 Windows Server 2008 for 32-bit Systems Service Pack 2
MS16-124 Windows Server 2008 for 32-bit Systems Service Pack 2
MS16-124 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS16-124 Windows Server 2008 for x64-based Systems Service Pack 2
MS16-124 Windows Server 2008 for x64-based Systems Service Pack 2
MS16-124 Windows Server 2012
MS16-124 Windows Server 2012
MS16-124 Windows Server 2012 R2
MS16-124 Windows Server 2012 R2
MS16-124 Windows Vista Service Pack 2
MS16-124 Windows Vista x64 Edition Service Pack 2
-
Microsoft Windows Diagnostics Hub Elevation of Privilege Vulnerability (MS16-125)
- Severity
- Serious 3
- Qualys ID
- 91286
- Vendor Reference
- MS16-125
- CVE Reference
- CVE-2016-7188
- CVSS Scores
- Base 7.2 / Temporal 5.6
- Description
-
An elevation of privilege vulnerability exists in the Windows Diagnostics Hub Standard Collector Service when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input that could lead to unsecure library loading behavior.
The security update addresses the vulnerability by correcting how the Windows Diagnostics Hub Standard Collector Service sanitizes input, to help preclude unintended elevated system privileges.
This security update is rated Important for all supported editions of Windows 10.
- Consequence
-
Successful exploitation allows an attacker to execute arbitrary code with elevated system privileges.
- Solution
-
Refer to MS16-125 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-125 Windows 10 Version 1511 for 32-bit Systems
MS16-125 Windows 10 Version 1511 for x64-based Systems
MS16-125 Windows 10 Version 1607 for 32-bit Systems
MS16-125 Windows 10 Version 1607 for x64-based Systems
MS16-125 Windows 10 for 32-bit Systems
MS16-125 Windows 10 for x64-based Systems
-
Microsoft Security Update for Microsoft Internet Messaging API (MS16-126)
- Severity
- Critical 4
- Qualys ID
- 91284
- Vendor Reference
- MS16-126
- CVE Reference
- CVE-2016-3298
- CVSS Scores
- Base 2.6 / Temporal 2.3
- Description
-
An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. The security update affects Microsoft Windows Vista, Windows Server 2008, Windows 7 and Windows Sever 2008 R2 and is rated moderate on client and low on server operating systems.
The update addresses the vulnerability by changing the way the Microsoft Internet Messaging API handles objects in memory.
- Consequence
- An attacker who successfully exploited this vulnerability could test for the presence of files on disk.
- Solution
-
Customers are advised to refer to Microsoft Advisory MS16-126 for more details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-126 Windows 7 for 32-bit Systems Service Pack 1
MS16-126 Windows 7 for 32-bit Systems Service Pack 1
MS16-126 Windows 7 for x64-based Systems Service Pack 1
MS16-126 Windows 7 for x64-based Systems Service Pack 1
MS16-126 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-126 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS16-126 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-126 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS16-126 Windows Server 2008 for 32-bit Systems Service Pack 2
MS16-126 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS16-126 Windows Server 2008 for x64-based Systems Service Pack 2
MS16-126 Windows Vista Service Pack 2
MS16-126 Windows Vista x64 Edition Service Pack 2
-
Microsoft Windows Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (MS16-127)
- Severity
- Urgent 5
- Qualys ID
- 100298
- Vendor Reference
- MS16-127
- CVE Reference
- CVE-2016-4273, CVE-2016-4286, CVE-2016-6981, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6987, CVE-2016-6989, CVE-2016-6990, CVE-2016-6992
- CVSS Scores
- Base 9.3 / Temporal 8.1
- Description
-
Microsoft released an update for Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
The update addresses the vulnerabilities described in Adobe Security bulletin APSB16-32.
This security update is rated Critical for Adobe Flash Player in Internet Explorer 10, Internet Explorer 11 and Microsoft Edge.
- Consequence
- Successful exploitation of this vulnerability will allow an attacker to execute arbitrary code.
- Solution
-
Customers are advised to view MS16-127 for instructions pertaining to the remediation of these vulnerabilities.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS16-127 Windows 8.1 for 32-bit Systems(Adobe Flash Player)
MS16-127 Windows 8.1 for x64-based Systems(Adobe Flash Player)
MS16-127 Windows Server 2012(Adobe Flash Player)
MS16-127 Windows Server 2012 R2(Adobe Flash Player)
These new vulnerability checks are included in Qualys vulnerability signature 2.3.449-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
Selective Scan Instructions Using Qualys
To perform a selective vulnerability scan, configure a scan profile to use the following options:
- Ensure access to TCP ports 135 and 139 are available.
- Enable Windows Authentication (specify Authentication Records).
-
Enable the following Qualys IDs:
- 91285
- 110284
- 100297
- 91283
- 91287
- 91289
- 91288
- 91286
- 91284
- 100298
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Access for Qualys Customers
Platforms and Platform Identification
Technical Support
For more information, customers may contact Qualys Technical Support.
About Qualys
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.