It is currently 18-12-2017 10:09

Microsoft released 14 of the scheduled security bulletins for its products

Microsoft released 14 of the scheduled security bulletins for its products

by sigismund » 2016-09-14 11:55:29


Seven bulletins are critical, since correcting a vulnerability that allows remotely to execute code.


On Tuesday, September 13, was planned to release updates for Microsoft products. At this time, the company issued 14 security bulletins. Seven of them are critical, since correcting a vulnerability that allows remotely to execute code.

The critical Bulletin MS16-104 addresses ten vulnerabilities in Internet Explorer: five of them enable you to cause memory corruption and remote code execution, three to disclose information, one to elevate privileges and another to bypass the security mechanisms. Not all vulnerabilities have been disclosed publicly, however, according to Microsoft, CVE-2016-3351 exploited by hackers.

MS16-105 fixes seven critical vulnerabilities in Edge, with which an attacker can remotely execute code, and another five to disclose information. MS16-106 is designed for the Microsoft Graphics Component. For Windows version 10 1607 newsletter is critical, and for all other supported builds of Windows important. The patch fixes vulnerabilities in Windows Graphics Device Interface (GDI) that allows remotely to execute code to elevate privileges, and disclose information and two vulnerabilities in Win32k, allowing to elevate privileges.

MS16-107 corrects a security problem in Microsoft Office. One of the fixed vulnerabilities present in Office for ten years, but it became known about it only nine months ago. Bulletin MS16-108 is designed for vulnerabilities in Microsoft Exchange Server, and MS16-116 – in the mechanism of OLE Automation and VBScript engine.

Traditionally, Microsoft has also released a patch for vulnerabilities in Adobe Flash Player (critical Bulletin MS16-117).
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5