2 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...curity/ms16-sep
Sep 13, 2016 - "This bulletin summary lists security bulletins released for September 2016...
(Total of -14-)

Microsoft Security Bulletin MS16-104 - Critical
Cumulative Security Update for Internet Explorer (3183038)
- https://technet.micr...curity/MS16-104
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS16-105 - Critical
Cumulative Security Update for Microsoft Edge (3183043)
- https://technet.micr...curity/MS16-105
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Microsoft Edge

Microsoft Security Bulletin MS16-106 - Critical
Security Update for Microsoft Graphics Component (3185848)
- https://technet.micr...curity/MS16-106
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-107 - Critical
Security Update for Microsoft Office (3185852)
- https://technet.micr...curity/MS16-107
Critical - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps

Microsoft Security Bulletin MS16-108 - Critical
Security Update for Microsoft Exchange Server (3185883)
- https://technet.micr...curity/MS16-108
Critical - Remote Code Execution - May require restart - Microsoft Exchange

Microsoft Security Bulletin MS16-109 - Important
Security Update for Silverlight (3182373)
- https://technet.micr...curity/MS16-109
Important - Remote Code Execution - Does not require restart - Microsoft Windows

Microsoft Security Bulletin MS16-110 - Important
Security Update for Microsoft Windows (3178467)
- https://technet.micr...curity/MS16-110
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-111 - Important
Security Update for Windows Kernel (3186973)
- https://technet.micr...curity/MS16-111
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-112 - Important
Security Update for Windows Lock Screen (3178469)
- https://technet.micr...curity/MS16-112
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-112 - Important
Security Update for Windows Lock Screen (3178469)
- https://technet.micr...curity/MS16-112
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-113 - Important
Security Update for Windows Secure Kernel Mode (3185876)
- https://technet.micr...curity/MS16-113
Important - Information Disclosure - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-114 - Important
Security Update for Windows SMBv1 Server (3185879)
- https://technet.micr...curity/MS16-114
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-115 - Important
Security Update for Microsoft Windows PDF Library (3188733)
- https://technet.micr...curity/MS16-115
Important - Information Disclosure - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-116 - Critical
Security Update in OLE Automation for VBScript Scripting Engine (3188724)
- https://technet.micr...curity/MS16-116
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-117 - Critical
Security Update for Adobe Flash Player (3188128)
- https://technet.micr...curity/MS16-117
Critical - Remote Code Execution- Requires restart - Microsoft Windows, Adobe Flash Player
___

MS16-104: http://www.securityt....com/id/1036788
MS16-105: http://www.securityt....com/id/1036789
MS16-106: http://www.securityt....com/id/1036786
MS16-107: http://www.securityt....com/id/1036785
MS16-108: http://www.securityt....com/id/1036778
MS16-109: http://www.securityt....com/id/1036795
MS16-110: http://www.securityt....com/id/1036798
MS16-111: http://www.securityt....com/id/1036802
MS16-112: http://www.securityt....com/id/1036799
MS16-113: http://www.securityt....com/id/1036800
MS16-114: http://www.securityt....com/id/1036803
___

- https://blogs.techne...update-release/
Sep 13, 2016

Security Advisories:
Microsoft Security Advisory 3174644
Updated Support for Diffie-Hellman Key Exchange
- https://technet.micr...ecurity/3174644
Sep 13, 2016
Microsoft Security Advisory 3181759
Vulnerabilities in ASP.NET Core View Components Could Allow Elevation of Privilege
- https://technet.micr...ecurity/3181759
Sep 13, 2016

Sep 2016 Office Update Release
- https://blogs.techne...update-release/
Sep 13, 2016 - "... This month, there are -34- security updates (1 bulletin) and 35 non-security updates.
Security bulletins:
MS16-107: https://technet.micr...y/ms16-107.aspx
All of the security and non-security updates for September are listed in KB article 3188548:
> http://support.micro....com/kb/3188548
A new version of Office 2013 Click-To-Run is available: 15.0.4859.1002
A new version of Office 2010 Click-To-Run is available: 14.0.7173.5001
For information on Office 365 Click-To-Run updates, see Office 365 client update branch releases:
- https://technet.micr.../en-us/mt465751
___

ISC Analysis: https://isc.sans.edu...wday=2016-09-13

Qualys Analysis: https://blog.qualys....for-august-2016
"... 14 security bulletins that affect a host of components including desktop operating systems, servers, browsers, Exchange server, Silverlight, SMBv1 and several others. It’s a large update that will keep desktop as well as server administrators busy. Seven updates are rated as critical, while the other seven are rated as Important. One 0-day vulnerability CVE-2016-3352 which was publicly disclosed earlier is also patched in the MS16-110 bulletin..."

.

Edited by AplusWebMaster, 14 September 2016 - 05:17 AM.

[AplusWebMaster]

FYI...

MS16-104: Security update for Internet Explorer
- https://support.micr...n-us/kb/3185319
"... Known issues in this security update:
• When you open a .URL shortcut in Windows Explorer (such as from the Favorites folder), you receive a "File Download – Security Warning" message.
• Microsoft is aware of limited situations in which an ActiveX installation fails when you use the ActiveX Installer Service (AXIS) together with Internet Explorer 10 or Internet Explorer 11.
 To resolve this issue, install update 3192665*..."
Last Review: 09/30/2016 23:43:00 - Rev: 3.0
Applies to: Internet Explorer 11, Internet Explorer 10, Windows Internet Explorer 9

ActiveX installation that uses AXIS fails after you install MS16-104
* https://support.micr...n-us/kb/3192665
Last Review: 09/22/2016 20:07:00 - Rev: 1.0
Applies to: Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows 7 Service Pack 1
 

[AplusWebMaster]

FYI...

'Get Windows 10' snooping patch KB 2952664 reappears
- http://www.infoworld...-reappears.html
Oct 5, 2016 - "For whatever reason, our old nemesis KB 2952664 reappeared suddenly yesterday afternoon, and Windows users are livid... For those of you who don't recall, KB 2952664 (and its Windows 8.1 companion KB 2976978)... Bottom line: If you want to upgrade your Windows 7 or 8.1 PC to Windows 10, and haven't already done so, you're being set up to pay-full-price for the privilege. If you want to keep Windows 10 off your machine, don't install KB 2952664 (Win7) or KB 2976978 (Win 8.1)...
Update: A Microsoft spokesperson sent this comment:
'There is no Get Windows 10 or upgrade functionality contained in this update. This KB article is related to the Windows Update and the appraiser systems that enables us to continue to deliver servicing updates to Windows 7 and Windows 8.1 devices, as well as ensure device and application compatibility.'"

- https://support.micr...n-us/kb/2952664
Last Review: 10/04/2016 17:25:00 - Rev: 25.0
Applies to: Windows 7 Service Pack 1

- https://support.micr...n-us/kb/2976978
Last Review: 10/04/2016 17:29:00 - Rev: 29.0
Applies to: Windows 8.1 Enterprise, Windows 8.1, Windows 8.1 Pro, Windows 8 Enterprise, Windows 8, Windows 8 Pro
 

Edited by AplusWebMaster, 07 October 2016 - 07:45 AM.