9 Security Bulletins were released – 6 Critical, 3 Important, and 0 Moderate
This Month In Brief
9 Security Bulletins were released – 6 Critical, 3 Important
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS16-001, MS16-002, MS16-003, MS16-004, MS16-005, MS16-006 are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed.
No out-of-band security updates were released during the last month.
Windows 10 cumulative updates are KB3124263 and KB3124266
Cumulative Update for Windows 10
https://support.microsoft.com/en-us/kb/3124266
Cumulative Update for Windows 10 Version 1511
https://support.microsoft.com/en-us/kb/3124263
Attention Citrix users: Known issues with Windows 10 running Citrix XenDesktop in conjunction with Citrix WorkstationOS Virtual Delivery Agent (VDA)
“Microsoft will temporarily not install KB3124266/KB3124263 through Windows Updates on Windows 10 machines which has XenDesktop/Citrix VDA installed.”
Kaseya uses Windows Updates detection logic to determine which patches need to be deployed. So it our understanding that those machines affected by this will not show KB3124266/KB3124263 as a missing patch and it will not get installed by Kaseya patching. However we cannot be certain of this and recommend that partners with XenDesktop/Citrix VDA installed to Suspend or Cancel Kaseya patching on those agent. This is on the Patch Management> Manage Machines> Automatic Update page in the console. Cancelling (clearing) the Automatic Update schedule will stop patching as well. If KB3124266/KB3124263 shows up as missing on these agents you should set it to Ignore on the Patch Management> Manage Updates> Patch Update page in the console. If you have any question or need assistance please open a ticket by visiting here.
Citrix Known Issues with January 2016 Microsoft Security Updates for VDA 7.6.300/7.7.0 on Windows 10
http://support.citrix.com/article/CTX205398
Denied Patch KB3114409 update: KB3114409 is fixed with KB3114570
KB3114409 “After you install this update, Outlook 2010 may start only in safe mode.”
Microsoft pulled the patch last month. We denied it to ensure it didn’t “slip” out on machines with older scan results.
KB3114570 appears to be safe and we have approved it in our patch policy
January 12, 2016, update for Outlook 2010 (KB3114570)
https://support.microsoft.com/en-us/kb/3114570
Pain in the Flash: KB3132372 caused issues and KB3133431 fixed them
KB3132372 [Security Update (Non-rated)]
“We are aware of limited application crashes that occur after this security update is installed on Windows 10”
Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge: December 29, 2015
https://support.microsoft.com/en-us/kb/3132372
KB3133431 [Critical Update]
Resolves a problem in which Adobe Flash Player does not load correctly in applications that are running in Internet Explorer or Microsoft Edge and that have Flash Player embedded.
Update for Adobe Flash Player in Internet Explorer and Microsoft Edge: January 5, 2016
https://support.microsoft.com/en-us/kb/3133431
Notable news: Support for Windows 8 and older version of Internet Explorer ended on January 12th, 2016
Windows 8.1 Support Lifecycle Policy FAQ
https://support.microsoft.com/en-us/gp/lifecycle-windows81-faq?wa=wsignin1.0
Support for older versions of Internet Explorer ended on January 12th, 2016
https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-supportWindows 8.1 Support Lifecycle Policy FAQ
Exploitability
- Publically disclosed: None
- Being exploited: None
- Rated CRITICAL: MS16-001, MS16-002, MS16-003, MS16-004, MS16-005, MS16-006
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)
Requires Restart
- Servers:True
- Workstations:True
New Security Bulletins
(MS#/Affected Software/Type)
CRITICAL
 |
MS16-001 Cumulative Security Update for Internet Explorer (3124903) | (Internet Explorer) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. |
|
MS16-002 Cumulative Security Update for Microsoft Edge (3124904) | (Microsoft Edge) The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. |
|
MS16-003 Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540) | (Microsoft Windows) The vulnerability could allow remote code execution if a user visits a specially crafted website. |
|
MS16-004 Security Update for Microsoft Office to Address Remote Code Execution (3124585) | (Microsoft Office,Visual Basic) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. |
|
MS16-005 Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584) | (Microsoft Windows) The more severe of the vulnerabilities could allow remote code execution if a user visits a malicious website. |
|
MS16-006 Security Update for Silverlight to Address Remote Code Execution (3126036) | (Microsoft Silverlight) The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. |
IMPORTANT
 |
MS16-007 Security Update for Microsoft Windows to Address Remote Code Execution (3124901) | (Microsoft Windows) The vulnerability could allow information disclosure if a user views a specially crafted webpage using Internet Explorer. |
|
MS16-008 Security Update for Windows Kernel to Address Elevation of Privilege (3124605) | (Microsoft Windows) The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. |
|
MS16-010 Security Update in Microsoft Exchange Server to Address Spoofing (3124557) | (Microsoft Exchange Server) The most severe of the vulnerabilities could allow spoofing if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content. |
