IE and Graphics head Microsoft's Patch Tuesday critical list

Get updating before the crims catch on

band_aid_648

There's 15 flaw fixes covering 36 vulnerabilities in this month's patch bundle from Microsoft.

Microsoft's browsers need a lot of work – Internet Explorer gets five fixes and the new Edge code has four. Both applications' patches have been named as critical by Redmond. There's also a five-fix bundle for Microsoft's graphics component and seven flaws found in Windows kernel drivers, mainly for 32-bit versions of the operating system.

Critical

  • MS16-051 Flaws in Internet Explorer's scripting engine and its security system could allow remote code execution, but not for privilege escalation. Then again, other flaws could allow an attacker to push up to admin level.
  • MS16-052 Edge also has problems with its scripting engine that allow for remote code attacks, as well as an issue with memory corruption in the browser.
  • MS16-053 JScript and VBScript are also vulnerable to scripting engine failures but Microsoft reports they are limited to the access level of the user, so if you're not running as an admin it should remain a local problem.
  • MS16-054 Memory corruption flaws have also been found in Office, and three of the four flaw fixes cover the issues. There's also a Graphics RCE vulnerability lurking in Microsoft's applications suite.
  • MS16-055 Microsoft's graphics component gets five fixes, mainly covering information disclosure problems but also an issue with Direct3D and Windows Imaging.
  • MS16-056 The few users of Windows Journal have a single fix to add to the note-taking app, but it's a critical one that will allow remote code execution.
  • MS16-057 The last of the critical flaws covers Windows Shell what would allow a website hosting malware to inject code into a vulnerable machine.

Important

  • MS16-058 Internet Information Services gets an important fix that would stop an infection if a user is dumb enough to download a malicious app and try to run it on their machine.
  • MS16-059 A flaw in Windows Media Center would allow pwnage if a specially crafted (.mcl) file containing malware is run by the application.
  • MS16-060 There's a fix for Windows Kernel that would allow an attacker to raise privileges from a simple user to admin-level control, which is particularly dangerous considering some of the critical flaws in May's bundle.
  • MS16-061 Microsoft has fixed a similar privilege escalation flaw in the Remote Procedure Call protocol for Windows with this fix.
  • MS16-062 There are seven fixes for the Windows Kernel Driver, five of them covering the 32-bit version of Windows used by older machines. The patch also fixes issues with the DirectX Graphics Kernel.
  • MS16-064 Adobe Flash gets a patch bundle from Microsoft, for those still willing to use the buggy software
  • MS16-065 Redmond has spotted an information leak in .NET that would allow an attacker to gather information on a target using a man-in-the-middle attack that floods unencrypted data onto the computer.
  • MS16-066 There's an important flaw in Microsoft's Virtual Secure mode that needs patching (the irony) that allows malware to bypass code integrity protections in Windows.
  • MS16-067 Microsoft's final fix covers an issue with the Volume Manager Driver that would cause information leakage.

Work fast because malware writers will be perusing Microsoft's patching list with equal interest as admins and crafting attack code to exploit these flaws. It's not called Exploit Wednesday for nothing. ®

Sponsored: The Joy and Pain of Buying IT - Have Your Say


Biting the hand that feeds IT © 1998–2017