Home > Microsoft Security > Microsoft Patch Tuesday July 2016

Microsoft Patch Tuesday July 2016

Contents

See ASP.NET Ajax CDN Terms of Use – http://www.asp.net/ajaxlibrary/CDN.ashx. ]]> TechNet Products Products Windows Windows Server System Center Browser Important Elevation of Privilege Does not require restart --------- Microsoft Windows MS15-063 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (3063858) This security update resolves a vulnerability in Microsoft Windows. For more information, see Microsoft Knowledge Base Article 913086. Support The affected software listed has been tested to determine which versions are affected. navigate here

You can find them most easily by doing a keyword search for "security update". The vulnerabilities are listed in order of bulletin ID then CVE ID. All supported editions of Windows 7 are affected if RDP 8.0 is installed on the system. Security Strategies and Community Update Management Strategies Security Guidance for Update Management provides additional information about Microsoft’s best-practice recommendations for applying security updates. https://technet.microsoft.com/en-us/library/security/ms15-jul.aspx

Microsoft Patch Tuesday July 2016

The vulnerabilities could allow Remote Code Execution if an attacker first places a specially crafted dynamic link library (DLL) file in the target user’s current working directory and then convinces the Bulletin ID Bulletin Title and Executive Summary Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software MS14-037 Cumulative Security Update for Internet Explorer (2975687) This security update resolves one publicly Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Microsoft Security Bulletin Summary for July 2016 Published: July 12, 2016 | Updated: July 29, 2016 Version: 1.1 On this page Executive Summaries Exploitability Index Affected Software Detection and Deployment Tools

Includes all Windows content. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. V1.3 (September 23, 2015): Bulletin Summary revised to correct the title for CVE-2015-2514 in the Exploitability Index. Microsoft Security Bulletin August 2016 Download Microsoft Security Bulletin DataRelated Links Get security bulletin notificationsReceive up-to-date information in RSS or e-mail format.

You should review each software program or component listed to see whether any security updates pertain to your installation. Executive Summaries The following table summarizes the security bulletins for this month in order of severity. You can find them most easily by doing a keyword search for "security update". https://technet.microsoft.com/en-us/library/security/ms15-sep.aspx Critical Remote Code Execution Requires restart --------- Microsoft Windows MS16-117 Security Update for Adobe Flash Player (3188128)This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of

However, an attacker would have no way of forcing a user to visit the share or view the file. Microsoft Security Bulletin June 2016 Important Elevation of Privilege Requires restart --------- Microsoft Windows MS15-073 Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102) This security update resolves vulnerabilities in Microsoft Windows. Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion Important Elevation of Privilege May require restart --------- Microsoft Windows, Microsoft .NET Framework MS15-049 Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985) This security update resolves a vulnerability in Microsoft Silverlight.

July Patch Tuesday 2016

For information about these and other tools that are available, see Security Tools for IT Pros.  Acknowledgments Microsoft recognizes the efforts of those in the security community who help us protect We appreciate your feedback. Microsoft Patch Tuesday July 2016 All supported editions of Windows 7 are affected if RDP 8.0 is installed on the system. Microsoft July Patches 2016 Review each of the assessments below, in accordance with your specific configuration, to prioritize your deployment of this month's updates.

The vulnerability could allow remote code execution if a user visits a specially crafted website. check over here Important Elevation of Privilege Requires restart 3067505 Microsoft Windows MS15-077 Vulnerability in ATM Font Driver Could Allow Elevation of Privilege (3077657) This security update resolves a vulnerability in Microsoft Windows. On Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 operating systems, the vulnerability could allow remote code execution if an authenticated attacker sends specially crafted packets to You can find them most easily by doing a keyword search for "security update". Microsoft Patch Tuesday Schedule

Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. For more information about what these ratings mean, and how they are determined, please see Microsoft Exploitability Index. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. his comment is here Windows Server Update Services (WSUS), Systems Management Server (SMS), and System Center Configuration Manager help administrators distribute security updates.

The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically. Microsoft Security Bulletin September 2016 Non-Security Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft Update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services and Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.

Manage Your Profile | Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2017 Microsoft © 2017 Microsoft

V4.1 (December 13, 2016): For MS15-094, bulletin revised to include an additional vulnerability, CVE-2015-2496. For more information about what these ratings mean, and how they are determined, please see Microsoft Exploitability Index. This documentation is archived and is not being maintained. weblink Critical Remote Code Execution Requires restart --------- Microsoft Windows,Adobe Flash Player MS16-094 Security Update for Secure Boot (3177404)This security update resolves a vulnerability in Microsoft Windows.

See Acknowledgments for more information. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Windows Operating System and Components Windows Server 2003 Bulletin Identifier MS14-037 MS14-038 MS14-039 MS14-040 MS14-041 Aggregate Severity Rating Moderate None None Important None Windows Server 2003 Service Pack 2 Internet Explorer Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.