Microsoft fixes vulnerabilities in Windows

Microsoft has released a set of updates for Windows and Office. Internet Explorer and Edge web browsers, as well as such notorious Windows components as Win32k.sys driver, Gdiplus.dll graphic library, Windows PDF library Glcndfilter.dll were updated. As part of the MS16-096 update, eight vulnerabilities were fixed in the Edge web browser, most of which are of type RCE and can be used by attackers for remote code execution using a specially crafted web page.

Like last time, the Windows 8.1 & 10 secure boot mechanism called Secure Boot was updated. The MS16-100 update fixes the Security Feature Bypass type CVE-2016-3320 vulnerability in it. Using this vulnerability, attackers can compromise such Windows security features as verifying the authenticity of downloadable drivers, as well as allow the system to download drivers with a test digital signature.

The MS16-095 update fixes nine vulnerabilities in the Internet Explorer 9-11 web browser. Most fixable vulnerabilities are of the Remote Code Execution (RCE) type and can be used by attackers to remotely execute code in a web browser using a specially crafted web page. Critical.

Update MS16-097 fixes three vulnerabilities of type RCE with identifiers CVE-2016-3301. CVE-2016-3303. CVE-2016-3304 in the graphics subsystem Windows Vista + (Gdiplus.dll). The exploitation of the vulnerability is possible using a special way of malicious content (Office document or multimedia file), which is posted on the attacker's website or sent to the user by e-mail. Critical.
')
Update MS16-098 fixes four Local Privilege Escalation (LPE) vulnerabilities with identifiers CVE-2016-3308, CVE-2016-3309, CVE-2016-3310, CVE-2016-3311 in the Win32k.sys driver. Vulnerabilities can be used by attackers to elevate their privileges to the SYSTEM level and run code in kernel mode, bypassing Windows security restrictions on launching privileged code in the system. Actual for Windows Vista +. Important.

Update MS16-099 fixes five vulnerabilities for Office 2007+. Vulnerabilities with identifiers CVE-2016-3313, CVE-2016-3316, CVE-2016-3317 can be used by attackers for remote code execution in the system using a special Office file. Documents can be placed attacking on a malicious resource or sent to the user by email. Critical.

The MS16-101 update has two vulnerabilities of type Elevation of Privilege (EoP) with identifiers CVE-2016-3300 and CVE-2016-3237 in Windows Netlogon and Kerberos components on Windows Vista +. The vulnerability in Netlogon is the incorrect implementation of setting up a secure client connection with a domain controller. The second vulnerability allows attackers to bypass Kerberos authentication using a MitM attack on the traffic path between the client and the domain controller. Important.

The MS16-102 update fixes a critical RCE vulnerability with identifier CVE-2016-3319 in the Microsoft PDF library component on Windows 8.1+. The exploitation of the vulnerability is possible using a specially formed PDF file. Critical.

Update MS16-103 fixes one Information Disclosure type vulnerability in ActiveSyncProvider on Windows 10. Important.

We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).


be secure.