Microsoft February 2016 Patch Tuesday
Overview of the February 2016 Microsoft patches and their status.
# | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) | |
---|---|---|---|---|---|---|
clients | servers | |||||
MS16-009 | Cumulative Security Update for Internet Explorer (Replaces MS16-001 ) | |||||
Internet Explorer |
KB 3134220 | no. | Severity:Critical Exploitability: 1,2,1,1,1,1,1,1,1,3,4,1,3 |
Critical | Critical | |
MS16-010 | MS16-010 was published as part of the January update. (Security Update in Microsoft Exchange Server to Address Spoofing (3124557)) | |||||
MS16-011 | Cumulative Security Update for Microsoft Edge (Replaces KB3124266 ) | |||||
Microsoft Edge CVE-2016-0060, CVE-2016-0061, CVE-2016-0062, CVE-2016-0077, CVE-2016-0080, CVE-2016-0084 |
KB 3134225 | no. | Severity:Critical Exploitability: 1,1,1,3,1,1 |
Critical | Critical | |
MS16-012 | Remote Code Execution in PDF Library | |||||
Microsoft Windows PDF Library CVE-2016-0058 CVE-2016-0046 |
KB 3138938 | no. | Severity:Critical Exploitability: 2,1 |
Critical | Critical | |
MS16-013 | Remote Code Execution in Windows Journal (Replaces MS15-114 ) | |||||
Windows Journal CVE-2016-0038 |
KB 3134811 | no. | Severity:Critical Exploitability: 2 |
Critical | Critical | |
MS16-014 | Remote Code Execution in Microsoft Windows (Replaces MS16-007 ) | |||||
DLL Loading / Kerberos CVE-2016-0040 CVE-2016-0041 CVE-2016-0042 CVE-2016-0044 CVE-2016-0049 |
KB 3134228 | no. | Severity:Important Exploitability: 2,2,1,3,2 |
Critical | Important | |
MS16-015 | Remote Code Execution in Microsoft Office (Replaces MS16-004 ) | |||||
Microsoft Office CVE-2016-0022 CVE-2016-0052 CVE-2016-0053 CVE-2016-0054 CVE-2016-0055 CVE-2016-0056 |
KB 3134226 | no. | Severity:Critical Exploitability: 1,3,1,1,1,1,1 |
Critical | Important | |
MS16-016 | Elevation of Privilege Vulnerability in WebDAV (Replaces MS16-004 ) | |||||
WebDAV CVE-2016-0051 |
KB 3136041 | no. | Severity:Important Exploitability: 2 |
Important | Important | |
MS16-017 | Elevation of Privilege in Remote Desktop Display Driver (Replaces MS15-067 MS15-030 ) | |||||
Remote Desktop CVE-2016-0036 |
KB 3134700 | no. | Severity:Important Exploitability: 2 |
Important | Important | |
MS16-018 | Elevation of Privilege Vulnerability in Kernel Mode Drivers (Replaces MS16-005 ) | |||||
Kernel Mode Drivers CVE-2016-0048 |
KB 3136082 | no. | Severity:Important Exploitability: 1 |
Important | Important | |
MS16-019 | Denial of Service in .Net Framework (Replaces MS12-025 ) | |||||
.Net Framework CVE-2016-0033 CVE-2016-0047 |
KB 3137893 | no. | Severity:Important Exploitability: 3,2 |
Important | Important | |
MS16-020 | Denial of Service Vulnerability in Active Directory Federation Service (Replaces MS12-040 ) | |||||
Active Directory Federation Serivce CVE-2016-0037 |
KB 3134222 | no. | Severity:Important Exploitability: 3 |
Important | Important | |
MS16-021 | Denial of Service Vulnerability in NPS RADIUS Server (Replaces MS15-007 ) | |||||
Network Policy Server CVE-2016-0050 |
KB 3133043 | no. | Severity:Important Exploitability: 3 |
Important | Important |
We will update issues on this page for about a week or so as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
- We use 4 levels:
- PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
- Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
- Important: Things where more testing and other measures can help.
- Less Urt practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
- The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threatatches.
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
Diary Archives
Comments
Anonymous
Feb 10th 2016
8 years ago
Instead of being buried under KB2755801 then getting another KB from there, it's now listed as part of patch Tuesday, this month: MS16-022
Anonymous
Feb 10th 2016
8 years ago
http://technet.microsoft.com/library/security/ms16-022
(about Adobe Flash)
Anonymous
Feb 10th 2016
8 years ago
Anonymous
Feb 10th 2016
8 years ago
Anonymous
Feb 11th 2016
8 years ago
MSHTML.DLL (and other parts of IE) are used by quite some Windows components (and 3rd party applications too): the most prominent example is Windows HTML help.
All these components and 3rd party applications can be (ab)used to exploit the unfixed vulnerabilities in MSHTML.DLL and the other parts of IE<11.
So: YES, it's critical!
Anonymous
Feb 12th 2016
8 years ago
My MS16-016 is a built-in Windows kernel driver while MS16-004 is an Office vulnerability.
Anonymous
Feb 13th 2016
8 years ago