Security Alerts

MS16-126 - Moderate: Security Update for Microsoft Internet Messaging API (3196067) - Version: 2.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Moderate
Revision Note: V2.0 (December 13, 2016): Revised bulletin to announce the following updates have been rereleased with a detection change that addresses a supersedence issue that certain customers experienced when attempting to install the October Security Only updates. - Security Only update 3192391 for all supported releases of Windows 7 and Windows Server 2008 R2. For more information, see Microsoft Knowledge Base Article 3192391. - Security Only update 3192393 for Windows Server 2012. For more information, see Microsoft Knowledge Base Article 3192393 - Security Only update 3192392 for Windows 8.1 and Windows Server 2012 R2. For more information, see Microsoft Knowledge Base Article 3192392. These are detection changes only. There were no changes to the update files. Customers who have already successfully installed any of these updates do not need to take any action. For more information, see the Microsoft Knowledge Base article for the respective update.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker successfully convinces a user of an affected system to visit a malicious or compromised website. Note that you must install two updates to be protected from the vulnerability discussed in this bulletin: The update in this bulletin, MS16-126, and the update in MS16-118.
Categories: Security Alerts

MS16-120 - Critical: Security Update for Microsoft Graphics Component (3192884) - Version: 2.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V2.0 (December 13, 2016): Revised bulletin to announce the following updates have been rereleased with a detection change that addresses a supersedence issue that certain customers experienced when attempting to install the October Security Only updates. - Security Only update 3192391 for all supported releases of Windows 7 and Windows Server 2008 R2. For more information, see Microsoft Knowledge Base Article 3192391. - Security Only update 3192393 for Windows Server 2012. For more information, see Microsoft Knowledge Base Article 3192393 - Security Only update 3192392 for Windows 8.1 and Windows Server 2012 R2. For more information, see Microsoft Knowledge Base Article 3192392. These are detection changes only. There were no changes to the update files. Customers who have already successfully installed any of these updates do not need to take any action. For more information, see the Microsoft Knowledge Base article for the respective update.
Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. The most serious of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Categories: Security Alerts

MS16-155 - Important: Security Update for .NET Framework (3205640) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Important
Revision Note: V1.0 (December 13, 2016):
Summary: This security update resolves a vulnerability in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. A security vulnerability exists in Microsoft .NET Framework 4.6.2 that could allow an attacker to access information that is defended by the Always Encrypted feature.
Categories: Security Alerts

MS16-152 - Important: Security Update for Windows Kernel (3199709) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Important
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: The security update addresses the vulnerability by helping to ensure the kernel API correctly enforces access controls applied to this information. This security update resolves a vulnerability in Microsoft Windows. An information disclosure vulnerability exists when the Windows Kernel improperly handles objects in memory.
Categories: Security Alerts

MS16-144 - Critical: Cumulative Security Update for Internet Explorer (3204059) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Categories: Security Alerts

MS16-147 - Critical: Security Update for Microsoft Uniscribe (3204063) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Windows Uniscribe. The vulnerability could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update addresses the vulnerabilities by correcting how the Windows Uniscribe handles objects in the memory.
Categories: Security Alerts

MS16-145 - Critical: Cumulative Security Update for Microsoft Edge (3204062) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
Categories: Security Alerts

MS16-146 - Critical: Security Update for Microsoft Graphics Component (3204066) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Categories: Security Alerts

MS16-150 - Important: Security Update for Secure Kernel Mode (3205642) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Important
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if a locally-authenticated attacker runs a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL).
Categories: Security Alerts

MS16-153 - Important: Security Update for Common Log File System Driver (3207328) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Important
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow Information Disclosure when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to bypass security measures on the affected system allowing further exploitation.
Categories: Security Alerts

MS16-149 - Important: Security Update for Microsoft Windows (3205655) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Important
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application.
Categories: Security Alerts

MS16-151 - Important: Security Update for Windows Kernel-Mode Drivers (3205651) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Important
Revision Note: V1.0 (December 13, 2016): Bulletin published
Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
Categories: Security Alerts

MS16-154 - Critical: Security Update for Adobe Flash Player (3209498) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V1.0 (December 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
Categories: Security Alerts

MS16-148 - Critical: Security Update for Microsoft Office (3204068) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V1.0 (December 13, 2016): Bulletin published
Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Categories: Security Alerts

MS16-DEC - Microsoft Security Bulletin Summary for December 2016 - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Revision Note: V1.0 (December 13, 2016): Bulletin published
Summary: This bulletin summary lists security bulletins released for December 2016.
Categories: Security Alerts

MS15-SEP - Microsoft Security Bulletin Summary for September 2015 - Version: 4.0

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Revision Note: V4.0 (December 13, 2016): V4.1 (December 13, 2016): For MS15-094, bulletin revised to include an additional vulnerability, CVE-2015-2496. This is an informational change only. Customers who have successfully installed the updates do not need to take any further action.
Summary: This bulletin summary lists security bulletins released for September 2015.
Categories: Security Alerts

MS15-094 - Critical: Cumulative Security Update for Internet Explorer (3089548) - Version: 1.1

Microsoft Comprehensive Security Alerts - Tue, 2016-12-13 10:00
Severity Rating: Critical
Revision Note: V1.1 (December 13, 2016): Bulletin revised to include an additional vulnerability, CVE-2015-2496. This is an informational change only. Customers who have successfully installed the updates do not need to take any further action..
Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Categories: Security Alerts

Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities

Cisco Security Advisories - Thu, 2016-12-08 13:19
Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs

Note: The September 23, 2015, release of the Cisco IOS and IOS XE Software Security Advisory bundled publication includes three Cisco Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: September 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html

Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs

Note: The September 23, 2015, release of the Cisco IOS and IOS XE Software Security Advisory bundled publication includes three Cisco Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: September 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html


Security Impact Rating: High
CVE: CVE-2015-6278,CVE-2015-6279
Categories: Security Alerts

Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities

Cisco Security Advisories - Wed, 2016-12-07 14:53
Devices running Cisco IOS Software or IOS XE Software contain vulnerabilities within the Internet Key Exchange (IKE) version 2 subsystem that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerabilities are due to how an affected device processes certain malformed IKEv2 packets. An attacker could exploit these vulnerabilities by sending malformed IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause a reload of the affected device or excessive consumption of resources that would lead to a DoS condition. IKEv2 is automatically enabled on devices running Cisco IOS and Cisco IOS XE Software when the Internet Security Association and Key Management Protocol (ISAKMP) is enabled. These vulnerabilities can only be triggered by sending malformed IKEv2 packets.

There are no workarounds for the vulnerabilities described in this advisory. Cisco has released software updates that address these vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html

Devices running Cisco IOS Software or IOS XE Software contain vulnerabilities within the Internet Key Exchange (IKE) version 2 subsystem that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerabilities are due to how an affected device processes certain malformed IKEv2 packets. An attacker could exploit these vulnerabilities by sending malformed IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause a reload of the affected device or excessive consumption of resources that would lead to a DoS condition. IKEv2 is automatically enabled on devices running Cisco IOS and Cisco IOS XE Software when the Internet Security Association and Key Management Protocol (ISAKMP) is enabled. These vulnerabilities can only be triggered by sending malformed IKEv2 packets.

There are no workarounds for the vulnerabilities described in this advisory. Cisco has released software updates that address these vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html


Security Impact Rating: High
CVE: CVE-2015-0642,CVE-2015-0643
Categories: Security Alerts

Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account.

The vulnerability is due to incorrect permissions on a system directory at installation. An attacker could exploit this vulnerability by creating a modified interprocess communication (IPC) to the VPN agent process. An exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1 A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account.

The vulnerability is due to incorrect permissions on a system directory at installation. An attacker could exploit this vulnerability by creating a modified interprocess communication (IPC) to the VPN agent process. An exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1
Security Impact Rating: Medium
CVE: CVE-2016-9192
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator - Security Alerts