Home > Microsoft Security > Microsoft Patch Tuesday June 2016

Microsoft Patch Tuesday June 2016

Contents

For MS16-004, added Known Issues references to the Executive Summaries table. This documentation is archived and is not being maintained. For more information, see the following:Microsoft Knowledge Base Article 2920727Microsoft Knowledge Base Article 2881029Microsoft Knowledge Base Article 2881067Microsoft Knowledge Base Article 3039794Microsoft Knowledge Base Article 3124585 Page generated 2016-02-22 10:14-08:00. Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion this contact form

Critical Remote Code Execution Requires restart 3148522 Microsoft Windows, Microsoft .NET Framework,Microsoft Office, Skype for Business,Microsoft Lync. Important Remote Code Execution Requires restart 3124266 3124263 Microsoft Windows MS16-008 Security Update for Windows Kernel to Address Elevation of Privilege (3124605) This security update resolves vulnerabilities in Microsoft Windows. For information about these and other tools that are available, see Security Tools for IT Pros.  Acknowledgments Microsoft recognizes the efforts of those in the security community who help us protect Manage Your Profile | Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2017 Microsoft © 2017 Microsoft https://technet.microsoft.com/en-us/library/security/ms16-apr.aspx

Microsoft Patch Tuesday June 2016

April 12, 2016 MS16-038 Cumulative Security Update for Microsoft Edge (3148532) Microsoft Edge,Microsoft Windows April 12, 2016 MS16-037 Cumulative Security Update for Internet Explorer (3148531) Microsoft Windows, Internet Explorer March 2016 See Acknowledgments for more information. For a comprehensive list of updates replaced, go to the Microsoft Update Catalog, search for the update KB number, and then view update details (updates replaced information is on the Package Critical Remote Code Execution May require restart 3114503 2920727 2881029 2881067 3039794 3124585 Microsoft Office,Visual Basic MS16-005 Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584) This security update resolves

The vulnerability could allow information disclosure when Windows Secure Kernel Mode improperly handles objects in memory. You should review each software program or component listed to see whether any security updates pertain to your installation. Show: Inherited Protected Print Export (0) Print Export (0) Share IN THIS ARTICLE Is this page helpful? Microsoft Patch Tuesday August 2016 Detection and Deployment Tools and Guidance Several resources are available to help administrators deploy security updates.

Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Includes all Windows content. https://technet.microsoft.com/en-us/library/security/ms16-jan.aspx Not applicable Not applicable Not applicable MS16-065: Security Update for .NET Framework (3156757) CVE-2016-0149 TLS/SSL Information Disclosure Vulnerability 3 - Exploitation Unlikely 3 - Exploitation Unlikely Not applicable MS16-066: Security Update

This documentation is archived and is not being maintained. Microsoft Security Bulletin July 2016 Use this table to learn about the likelihood of code execution and denial of service exploits within 30 days of security bulletin release, for each of the security updates that you Microsoft Customer Support Microsoft Community Forums United States (English) Sign in Security TechCenter Home Security Updates Tools Learn Library Support We’re sorry. See Microsoft Knowledge Base Article 3144432 for more information.

  • An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.
  • Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Microsoft Office Services and Web Apps Microsoft SharePoint Server 2010 Bulletin Identifier MS16-088 Aggregate Severity Rating Important Microsoft SharePoint Server 2010 Service Pack 2 Word Automation Services(3115312)(Important) Microsoft SharePoint Server 2013
  • An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.
  • V3.0 (June 14, 2016): Microsoft has re-released security update 3144427 for affected editions of Microsoft Lync 2010 and Microsoft Lync 2010 Attendee.
  • How do I use this table?
  • Download Microsoft Security Bulletin DataRelated Links Get security bulletin notificationsReceive up-to-date information in RSS or e-mail format.

Microsoft Patch Tuesday July 2016

For a comprehensive list of updates replaced, go to the Microsoft Update Catalog, search for the update KB number, and then view update details (updates replaced information is provided on the https://technet.microsoft.com/en-us/library/security/ms16-may.aspx Use this table to learn about the likelihood of code execution and denial of service exploits within 30 days of security bulletin release, for each of the security updates that you Microsoft Patch Tuesday June 2016 Microsoft Customer Support Microsoft Community Forums United States (English) Sign in Security TechCenter Home Security Updates Tools Learn Library Support We’re sorry. Microsoft Security Bulletin June 2016 In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation

The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. http://supportcanonprinter.com/microsoft-security/microsoft-security-advisory-2016.html An attacker would have no way to force users to visit a compromised website. Displays all new, revised, and rereleased updates for Microsoft products other than Microsoft Windows. If a software program or component is listed, then the severity rating of the software update is also listed. Microsoft Security Bulletin May 2016

Non-Security Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft Update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services and MS16-040 Security Update for Microsoft XML Core Services (3148541) This security update resolves a vulnerability in Microsoft Windows. The content you requested has been removed. http://supportcanonprinter.com/microsoft-security/microsoft-patch-tuesday-schedule.html An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Microsoft Security Bulletin March 2016 You’ll be auto redirected in 1 second. Security Advisories and Bulletins Security Bulletin Summaries 2016 2016 MS16-APR MS16-APR MS16-APR MS16-DEC MS16-NOV MS16-OCT MS16-SEP MS16-AUG MS16-JUL MS16-JUN MS16-MAY MS16-APR MS16-MAR MS16-FEB MS16-JAN TOC Collapse the table of content Expand

The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a specially crafted website.

Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. Security Bulletins Security Bulletin Summaries Security Advisories Microsoft Vulnerability Research Advisories Acknowledgments Glossary For more information about the MSRC, see Microsoft Security Response Center. Security Advisories and Bulletins Security Bulletins 2016 2016 MS16-039 MS16-039 MS16-039 MS16-155 MS16-154 MS16-153 MS16-152 MS16-151 MS16-150 MS16-149 MS16-148 MS16-147 MS16-146 MS16-145 MS16-144 MS16-142 MS16-141 MS16-140 MS16-139 MS16-138 MS16-137 MS16-136 MS16-135 Microsoft Security Bulletin April 2016 Support The affected software listed has been tested to determine which versions are affected.

Microsoft Baseline Security Analyzer (MBSA) lets administrators scan local and remote systems for missing security updates and common security misconfigurations. See Acknowledgments for more information. Note You may have to install several security updates for a single vulnerability. http://supportcanonprinter.com/microsoft-security/microsoft-patch.html Microsoft Active Protections Program (MAPP) To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release.

Important Spoofing May require restart --------- Microsoft Exchange Server Exploitability Index The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. Detection and Deployment Tools and Guidance Several resources are available to help administrators deploy security updates. Critical Remote Code Execution Requires restart --------- Microsoft Windows MS16-058 Security Update for Windows IIS (3141083)This security update resolves a vulnerability in Microsoft Windows. CVE ID                     Vulnerability Title Exploitability Assessment forLatest Software Release Exploitability Assessment forOlder Software Release Denial of ServiceExploitability Assessment MS16-037: Cumulative Security Update for Internet Explorer (3148531) CVE-2016-0154 Microsoft Browser Memory Corruption Vulnerability 1 - Exploitation More Likely 1 - Exploitation More Likely Not applicable