
Microsoft Security Bulletin Summary for March 2016


RetiredTripleHelix
Gold VIP
Bulletin ID
Bulletin Title and Executive Summary
Maximum Severity Rating and Vulnerability Impact
Restart Requirement
Known Issues
Affected Software

MS16-023
Cumulative Security Update for Internet Explorer (3142015)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Critical 
Remote Code Execution
Requires restart
---------
Microsoft Windows,
Internet Explorer

MS16-024
Cumulative Security Update for Microsoft Edge (3142019)
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Critical 
Remote Code Execution
Requires restart
---------
Microsoft Windows,
Microsoft Edge

MS16-025
Security Update for Windows Library Loading to Address Remote Code Execution (3140709)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Microsoft Windows fails to properly validate input before loading certain libraries. However, an attacker must first gain access to the local system with the ability to execute a malicious application.
Important 
Remote Code Execution
Requires restart
---------
Microsoft Windows

MS16-026
Security Update for Graphic Fonts to Address Remote Code Execution (3143148)
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker either convinces a user to open a specially crafted document, or to visit a webpage that contains specially crafted embedded OpenType fonts.
Critical 
Remote Code Execution
Requires restart
---------
Microsoft Windows

MS16-027
Security Update for Windows Media to Address Remote Code Execution (3143146)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens specially crafted media content that is hosted on a website.
Critical 
Remote Code Execution
May require restart
---------
Microsoft Windows

MS16-028
Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted .pdf file.
Critical 
Remote Code Execution
May require restart
---------
Microsoft Windows

MS16-029
Security Update for Microsoft Office to Address Remote Code Execution (3141806)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Important 
Remote Code Execution
May require restart
---------
Microsoft Office,
Microsoft Office Services and Web Apps,
Microsoft Server Software

MS16-030
Security Update for Windows OLE to Address Remote Code Execution (3143136)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if Windows OLE fails to properly validate user input. An attacker could exploit the vulnerabilities to execute malicious code. However, an attacker must first convince a user to open either a specially crafted file or a program from either a webpage or an email message.
Important 
Remote Code Execution
Requires restart
---------
Microsoft Windows

MS16-031
Security Update for Microsoft Windows to Address Elevation of Privilege (3140410)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker is able to log on to a target system and run a specially crafted application.
Important 
Elevation of Privilege
Requires restart
---------
Microsoft Windows

MS16-032
Security Update for Secondary Logon to Address Elevation of Privilege (3143141)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if the Windows Secondary Logon Service fails to properly manage request handles in memory.
Important 
Elevation of Privilege
Requires restart
---------
Microsoft Windows

MS16-033
Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker with physical access inserts a specially crafted USB device into the system.
Important 
Elevation of Privilege
May require restart
---------
Microsoft Windows

MS16-034
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.
Important 
Elevation of Privilege
Requires restart
---------
Microsoft Windows

MS16-035
Security Update for .NET Framework to Address Security Feature Bypass (3141780)
This security update resolves a vulnerability in the Microsoft .NET Framework. The security feature bypass exists in a .NET Framework component that does not properly validate certain elements of a signed XML document.
Important 
Security Feature Bypass
May require restart
---------
Microsoft Windows,
Microsoft .NET Framework

 
https://technet.microsoft.com/library/security/ms16-mar?f=255&MSPPError=-2147217396
 
Daniel

5 replies

Jasper_The_Rasper
Moderator
Thank you Daniel.

Ssherjj
Moderator
  • 21866 replies
  • March 8, 2016
Thank you and appreciate it Daniel!:D

RetiredTripleHelix
Gold VIP
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
********************************************************************
Microsoft Security Bulletin Summary for March 2016
Issued: March 8, 2016
********************************************************************
 
This bulletin summary lists security bulletins released for March 2016.
 
The full version of the Microsoft Security Bulletin Summary for March 2016 can be found at <https://technet.microsoft.com/library/security/ms16-mar>.
 
Critical Security Bulletins
============================
 
MS16-023
 
  - Affected Software:
    - Windows Vista Service Pack 2:
      - Internet Explorer 9
    - Windows Vista x64 Edition Service Pack 2:
      - Internet Explorer 9
    - Windows Server 2008 for 32-bit Systems Service Pack 2:
      - Internet Explorer 9
      (Windows Server 2008 Server Core installation not affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2:
      - Internet Explorer 9
      (Windows Server 2008 Server Core installation not affected)
    - Windows 7 for 32-bit Systems Service Pack 1:
      - Internet Explorer 11
    - Windows 7 for x64-based Systems Service Pack 1:
      - Internet Explorer 11
    - Windows Server 2008 R2 for x64-based Systems
      Service Pack 1:
      - Internet Explorer 11
      (Windows Server 2008 R2 Server Core installation
      not affected)
    - Windows 8.1 for 32-bit Systems:
      - Internet Explorer 11
    - Windows 8.1 for x64-based Systems:
      - Internet Explorer 11
    - Windows Server 2012:
      - Internet Explorer 10
      (Windows Server 2012 Server Core installation not affected)
    - Windows Server 2012 R2:
      - Internet Explorer 11
      (Windows Server 2012 R2 Server Core installation not affected)
    - Windows RT 8.1:
      - Internet Explorer 11
    - Windows 10 for 32-bit Systems:
      - Internet Explorer 11
    - Windows 10 for x64-based Systems:
      - Internet Explorer 11
    - Windows 10 Version 1511 for 32-bit Systems:
      - Internet Explorer 11
    - Windows 10 Version 1511 for x64-based Systems:
      - Internet Explorer 11
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
MS16-024
 
  - Affected Software:
    - Windows 10 for 32-bit Systems
      - Microsoft Edge
    - Windows 10 for x64-based Systems
      - Microsoft Edge
    - Windows 10 Version 1511 for 32-bit Systems
      - Microsoft Edge
    - Windows 10 Version 1511 for x64-based Systems
      - Microsoft Edge
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
MS16-026
 
  - Affected Software:
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
      (Windows Server 2008 R2 Server Core installation affected)
    - Windows Server 2008 R2 for Itanium-based Systems Service
      Pack 1
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
      (Windows Server 2012 Server Core installation affected)
    - Windows Server 2012 R2
      (Windows Server 2012 R2 Server Core installation affected)
    - Windows RT 8.1
    - Windows 10 for 32-bit Systems
    - Windows 10 for x64-based Systems
    - Windows 10 Version 1511 for 32-bit Systems
    - Windows 10 Version 1511 for x64-based Systems
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
MS16-027
 
  - Affected Software:
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
      (Windows Server 2008 R2 Server Core installation not affected)
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
      (Windows Server 2012 Server Core installation not affected)
    - Windows Server 2012 R2
      (Windows Server 2012 R2 Server Core installation not affected)
    - Windows RT 8.1
    - Windows 10 for 32-bit Systems
    - Windows 10 for x64-based Systems
    - Windows 10 Version 1511 for 32-bit Systems
    - Windows 10 Version 1511 for x64-based Systems
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
MS16-028
 
  - Affected Software:
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
      (Windows Server 2012 Server Core installation affected)
    - Windows Server 2012 R2
      (Windows Server 2012 R2 Server Core installation affected)
    - Windows RT 8.1
    - Windows 10 for 32-bit Systems
    - Windows 10 for x64-based Systems
    - Windows 10 Version 1511 for 32-bit Systems
    - Windows 10 Version 1511 for x64-based Systems
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
 
Important Security Bulletins
============================
 
MS16-025
 
  - Affected Software:
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
MS16-029
 
  - Affected Software:
    - Microsoft Office 2007 Service Pack 3
    - Microsoft InfoPath 2007 Service Pack 3
    - Microsoft Outlook 2007 Service Pack 3
    - Microsoft Word 2007 Service Pack 3
    - Microsoft Office 2010 Service Pack 2 (32-bit editions)
    - Microsoft Office 2010 Service Pack 2 (64-bit editions)
    - Microsoft InfoPath 2010 Service Pack 2 (32-bit editions)
    - Microsoft InfoPath 2010 Service Pack 2 (64-bit editions)
    - Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
    - Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
    - Microsoft Word 2010 Service Pack 2 (32-bit editions)
    - Microsoft Word 2010 Service Pack 2 (64-bit editions)
    - Microsoft Office 2013 Service Pack 1 (32-bit editions)
    - Microsoft InfoPath 2013 Service Pack 1 (32-bit editions)
    - Microsoft InfoPath 2013 Service Pack 1 (64-bit editions)
    - Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
    - Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
    - Microsoft Word 2013 Service Pack 1 (32-bit editions)
    - Microsoft Word 2013 Service Pack 1 (64-bit editions)
    - Microsoft Outlook 2013 RT Service Pack 1
    - Microsoft Word 2013 RT Service Pack 1
    - Microsoft Office 2016 (32-bit edition)
    - Microsoft Outlook 2016 (32-bit edition)
    - Microsoft Outlook 2016 (64-bit edition)
    - Microsoft Word 2016 (32-bit edition)
    - Microsoft Word 2016 (64-bit edition)
    - Microsoft Word for Mac 2011
    - Microsoft Word 2016 for Mac
    - Microsoft Office Compatibility Pack Service Pack 3
    - Microsoft Word Viewer
    - Word Automation Services on Microsoft SharePoint Server 2010
      Service Pack 2
    - Word Automation Services on Microsoft SharePoint Server 2013
      Service Pack 1
    - Microsoft Office Web Apps 2010 Service Pack 2
    - Microsoft Office Web Apps Server 2013 Service Pack 1
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
MS16-030
 
  - Affected Software:
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
      (Windows Server 2008 R2 Server Core installation affected)
    - Windows Server 2008 R2 for Itanium-based Systems Service
      Pack 1
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
      (Windows Server 2012 Server Core installation affected)
    - Windows Server 2012 R2
      (Windows Server 2012 R2 Server Core installation affected)
    - Windows RT 8.1
    - Windows 10 for 32-bit Systems
    - Windows 10 for x64-based Systems
    - Windows 10 Version 1511 for 32-bit Systems
    - Windows 10 Version 1511 for x64-based Systems
  - Impact: Remote Code Execution
  - Version Number: 1.0
 
MS16-031
 
  - Affected Software:
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
      (Windows Server 2008 R2 Server Core installation affected)
    - Windows Server 2008 R2 for Itanium-based Systems Service
      Pack 1
  - Impact: Elevation of Privilege
  - Version Number: 1.0
 
MS16-032
 
  - Affected Software:
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
      (Windows Server 2008 R2 Server Core installation affected)
    - Windows Server 2008 R2 for Itanium-based Systems Service
      Pack 1
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
      (Windows Server 2012 Server Core installation affected)
    - Windows Server 2012 R2
      (Windows Server 2012 R2 Server Core installation affected)
    - Windows RT 8.1
    - Windows 10 for 32-bit Systems
    - Windows 10 for x64-based Systems
    - Windows 10 Version 1511 for 32-bit Systems
    - Windows 10 Version 1511 for x64-based Systems
  - Impact: Elevation of Privilege
  - Version Number: 1.0
 
MS16-033
 
  - Affected Software:
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
      (Windows Server 2008 R2 Server Core installation affected)
    - Windows Server 2008 R2 for Itanium-based Systems Service
      Pack 1
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
      (Windows Server 2012 Server Core installation affected)
    - Windows Server 2012 R2
      (Windows Server 2012 R2 Server Core installation affected)
    - Windows RT 8.1
    - Windows 10 for 32-bit Systems
    - Windows 10 for x64-based Systems
    - Windows 10 Version 1511 for 32-bit Systems
    - Windows 10 Version 1511 for x64-based Systems
  - Impact: Elevation of Privilege
  - Version Number: 1.0
 
MS16-034
 
  - Affected Software:
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
      (Windows Server 2008 R2 Server Core installation affected)
    - Windows Server 2008 R2 for Itanium-based Systems Service
      Pack 1
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
      (Windows Server 2012 Server Core installation affected)
    - Windows Server 2012 R2
      (Windows Server 2012 R2 Server Core installation affected)
    - Windows RT 8.1
    - Windows 10 for 32-bit Systems
    - Windows 10 for x64-based Systems
    - Windows 10 Version 1511 for 32-bit Systems
    - Windows 10 Version 1511 for x64-based Systems
  - Impact: Elevation of Privilege
  - Version Number: 1.0
 
MS16-035
 
  - Affected Software:
    - Windows Vista Service Pack 2:
      - Microsoft .NET Framework 2.0 Service Pack 2
      - Microsoft .NET Framework 3.0 Service Pack 2
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6
    - Windows Vista x64 Edition Service Pack 2:
      - Microsoft .NET Framework 2.0 Service Pack 2
      - Microsoft .NET Framework 3.0 Service Pack 2
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6
    - Windows Server 2008 for 32-bit Systems Service Pack 2:
      - Microsoft .NET Framework 2.0 Service Pack 2
      - Microsoft .NET Framework 3.0 Service Pack 2
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6
      (Windows Server 2008 Server Core installation not affected)
    - Windows Server 2008 for x64-based Systems Service Pack 2:
      - Microsoft .NET Framework 2.0 Service Pack 2
      - Microsoft .NET Framework 3.0 Service Pack 2
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6
      (Windows Server 2008 Server Core installation not affected)
    - Windows Server 2008 for Itanium-based Systems Service Pack 2:
      - Microsoft .NET Framework 2.0 Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1:
      - Microsoft .NET Framework 3.5.1
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6/4.6.1
    - Windows 7 for x64-based Systems Service Pack 1:
      - Microsoft .NET Framework 3.5.1
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6/4.6.1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1:
      - Microsoft .NET Framework 3.5.1
      - Microsoft .NET Framework 4.5.2
      (Windows Server 2008 R2 Server Core installation affected)
    - Windows Server 2008 R2 for Itanium-based Systems Service
      Pack 1:
      - Microsoft .NET Framework 3.5.1
    - Windows 8.1 for 32-bit Systems:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6/4.6.1
    - Windows 8.1 for x64-based Systems:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6/4.6.1
    - Windows Server 2012:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6/4.6.1
      (Windows Server 2012 Server Core installation affected)
    - Windows Server 2012 R2:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6/4.6.1
      (Windows Server 2012 R2 Server Core installation affected)
    - Windows RT 8.1:
      - Microsoft .NET Framework 4.5.2
      - Microsoft .NET Framework 4.6/4.6.1
    - Windows 10 for 32-bit Systems:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.6/4.6.1
    - Windows 10 for x64-based Systems:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.6/4.6.1
    - Windows 10 Version 1511 for 32-bit Systems:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.6.1
    - Windows 10 Version 1511 for x64-based Systems:
      - Microsoft .NET Framework 3.5
      - Microsoft .NET Framework 4.6.1
  - Impact: Security Feature Bypass
  - Version Number: 1.0
 
 
Other Information
=================
 
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.
 
Daniel

Baldrick
Gold VIP
  • 16060 replies
  • March 8, 2016
Cheers, Daniel...;)

8 Mar 2016 at 22:15, Shaun Nichols
 
Patch Tuesday: Microsoft has published the March edition of its monthly security updates, addressing security flaws in Internet Explorer, Edge and Windows, while Adobe has issued updates for Digital Editions, Acrobat and Reader.
Microsoft posted 13 bulletins this month:
 
  • MS16-023 A cumulative update for Internet Explorer addressing 13 CVE-listed vulnerabilities, including remote code execution flaws. Visiting a booby-trapped webpage using IE can trigger the execution of malicious code and malware on the system.
  • MS16-024 A cumulative update for Microsoft Edge that addresses 10 CVE-listed memory corruption vulnerabilities and one information disclosure flaw.
  • MS16-025 An update for a single remote code execution vulnerability in Windows. This flaw only affects Windows Vista, Server 2008 and Server Core. "A remote code execution vulnerability exists when Microsoft Windows fails to properly validate input before loading certain libraries," says Redmond. "An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."
  • MS16-026 Two CVE-listed vulnerabilities in Windows, one causing denial of service and another allowing remote code execution. If an attacker convinces "a user to open a specially crafted document, or to visit a webpage that contains specially crafted embedded OpenType fonts," then malicious code will execute on their system.
  • MS16-027 Two CVE-listed vulnerabilities in Windows Media Parsing, both potentially allowing remote code execution. Visiting a webpage with a booby-trapped video embedded in it can exploit the bug to hijack the PC.
  • MS16-028 Two flaws in the Windows PDF Library that allow for remote code execution if you open a maliciously crafted document.
  • MS16-029 An update for Office addressing two memory corruption flaws and one security feature bypass vulnerability. Opening a document laced with bad code will trigger the bugs.
  • MS16-030 An update for two remote code execution vulnerabilities in Windows OLE. "An attacker must convince a user to open either a specially crafted file or a program from either a webpage or an email message," noted Microsoft. After that, code execution is possible.
  • MS16-031 An elevation of privilege vulnerability in Windows: applications can abuse handles in memory to gain administrator-level access.
  • MS16-032 An elevation of privilege vulnerability in the Windows Secondary Logon Service: again, applications can abuse handles in memory to gain administrator-level access.
  • MS16-033 An update to address a flaw in the Windows USB Mass Storage Class Driver that could allow attackers to gain elevation of privilege with a specially-crafted USB drive.
  • MS16-034 A collection of four elevation of privilege flaws in the Windows Kernel-Mode Drivers: applications can exploit these to execute malicious code at the kernel level.
  • MS16-035 A fix for one security feature bypass flaw in the .NET framework.
full article here:
