Microsoft fixed vulnerabilities in their products
Microsoft has released a set of updates for its products, which cover 44 vulnerabilities in various components of Windows, as well as Office. The peculiarity of this release of updates is that within its framework, as many as five 0day vulnerabilities have been fixed, which are used by attackers in cyber attacks. One of these 0day Information Disclosure vulnerabilities is present in Internet Explorer 9-11. It allows attackers to remotely check the presence of files on the disk in a vulnerable system.
In addition, the October patch tuesday was the first for Windows 7 and Windows 8.1, for which Microsoft began to use the cumulative update delivery model (Windows 10), which we wrote about earlier . Instead of individual updates (security bulletins) in the update center, the user will now see one update " Monthly Security Quality Fix for Windows Systems ".
')
The MS16-118 update fixes 11 vulnerabilities in the Internet Explorer 9-11 web browser. Most of the fixed vulnerabilities are of the Remote Code Execution (RCE) type and can be used by attackers for remote code execution using a specially crafted web page. Critical.
The MS16-119 update fixes 13 vulnerabilities in the Edge web browser on Windows 10. Most of the fixed vulnerabilities are also of type RCE and can be used by attackers to remotely install malware using an exploit web page. One of the RCE vulnerabilities with identifier CVE-2016-7189 (Scripting Engine Remote Code Execution Vulnerability) is used by attackers in targeted attacks. Critical.
The MS16-120 update fixes seven vulnerabilities in the Windows Vista SP2 graphics subsystem - Windows 10. The vulnerability with the CVE-2016-3270 identifier is present in the Win32k.sys driver and allows attackers to run arbitrary code with SYSTEM rights. Remote operation of RCE vulnerabilities in the graphics subsystem is possible using a specially crafted web page with an exploit. Critical.
The MS16-121 update fixes one RCE vulnerability with identifier CVE-2016-7193 in the 2007–2016 Office products. The vulnerability can be exploited using a special malicious RTF file that can be placed on a resource on the network or sent to the victim by email. The vulnerability is not marked as Critical, because the attacker needs to force the victim to open the file. Important.
The MS16-122 update fixes a critical RCE vulnerability in the Video Control component on all Windows editions. Remote exploitation of a vulnerability is possible using malicious content hosted on a web resource. Critical.
Update MS16-123 fixes five LPE vulnerabilities in the kernel-mode components of all supported Windows editions. Four vulnerabilities are present in the win32k.sys driver and allow attackers to run arbitrary code on the system with SYSTEM rights. Another LPE vulnerability is present in the Windows Transaction Manager driver. Important.
The MS16-124 update fixes four LPE vulnerabilities that are present in the kernel (ntoskrnl) of all supported releases of Windows. The update closes vulnerabilities in the implementation of system API functions that allowed unauthorized attackers to obtain important information from the system registry by launching a special malicious application with an exploit. Important.
The MS16-125 update fixes the LPE vulnerability with the CVE-2016-7188 identifier in the Windows 10 service called Diagnostics Hub Standard Collector. Attackers can get higher rights in the system by launching an application in it with an exploit that exploits a vulnerability in the service when processing incoming data. Important.
Update MS16-126 fixes a vulnerability identified as Information Disclosure CVE-2016-3298 on Windows Vista and 7. The vulnerability in the Microsoft Internet Messaging API, which allows a remote attacker to check for files on the disk, is being fixed. Important.
Update MS16-127 delivers fixes for Adove Flash Player vulnerabilities to Internet Explorer 10.11 users, as well as Edge. Critical.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
be secure.
In addition, the October patch tuesday was the first for Windows 7 and Windows 8.1, for which Microsoft began to use the cumulative update delivery model (Windows 10), which we wrote about earlier . Instead of individual updates (security bulletins) in the update center, the user will now see one update " Monthly Security Quality Fix for Windows Systems ".
')
The MS16-118 update fixes 11 vulnerabilities in the Internet Explorer 9-11 web browser. Most of the fixed vulnerabilities are of the Remote Code Execution (RCE) type and can be used by attackers for remote code execution using a specially crafted web page. Critical.
The MS16-119 update fixes 13 vulnerabilities in the Edge web browser on Windows 10. Most of the fixed vulnerabilities are also of type RCE and can be used by attackers to remotely install malware using an exploit web page. One of the RCE vulnerabilities with identifier CVE-2016-7189 (Scripting Engine Remote Code Execution Vulnerability) is used by attackers in targeted attacks. Critical.
The MS16-120 update fixes seven vulnerabilities in the Windows Vista SP2 graphics subsystem - Windows 10. The vulnerability with the CVE-2016-3270 identifier is present in the Win32k.sys driver and allows attackers to run arbitrary code with SYSTEM rights. Remote operation of RCE vulnerabilities in the graphics subsystem is possible using a specially crafted web page with an exploit. Critical.
The MS16-121 update fixes one RCE vulnerability with identifier CVE-2016-7193 in the 2007–2016 Office products. The vulnerability can be exploited using a special malicious RTF file that can be placed on a resource on the network or sent to the victim by email. The vulnerability is not marked as Critical, because the attacker needs to force the victim to open the file. Important.
The MS16-122 update fixes a critical RCE vulnerability in the Video Control component on all Windows editions. Remote exploitation of a vulnerability is possible using malicious content hosted on a web resource. Critical.
Update MS16-123 fixes five LPE vulnerabilities in the kernel-mode components of all supported Windows editions. Four vulnerabilities are present in the win32k.sys driver and allow attackers to run arbitrary code on the system with SYSTEM rights. Another LPE vulnerability is present in the Windows Transaction Manager driver. Important.
The MS16-124 update fixes four LPE vulnerabilities that are present in the kernel (ntoskrnl) of all supported releases of Windows. The update closes vulnerabilities in the implementation of system API functions that allowed unauthorized attackers to obtain important information from the system registry by launching a special malicious application with an exploit. Important.
The MS16-125 update fixes the LPE vulnerability with the CVE-2016-7188 identifier in the Windows 10 service called Diagnostics Hub Standard Collector. Attackers can get higher rights in the system by launching an application in it with an exploit that exploits a vulnerability in the service when processing incoming data. Important.
Update MS16-126 fixes a vulnerability identified as Information Disclosure CVE-2016-3298 on Windows Vista and 7. The vulnerability in the Microsoft Internet Messaging API, which allows a remote attacker to check for files on the disk, is being fixed. Important.
Update MS16-127 delivers fixes for Adove Flash Player vulnerabilities to Internet Explorer 10.11 users, as well as Edge. Critical.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
be secure.
Source: https://habr.com/ru/post/312428/
All Articles