Microsoft Patch Tuesday October 2016 brings 10 Security bulletins addressing 37 Vulnerabilities. Six bulletins are rated as Critical, three are rated as Important and one is rated as Moderate.
Six Critical bulletins are, MS16-118 for Internet Explorer cover 11 CVE’s, MS16-119 for Microsoft Edge cover 13 CVE’s, MS16-120 for Microsoft Graphics cover 7 CVE’s, MS16-121 for Microsoft Office cover 1 CVE, MS16-122 for Microsoft Video Control cover 1 CVE and MS16-127 for Adobe Flash Player cover 13 CVE’s.
Critical vulnerabilities allow remote attackers to perform Remote Code Execution. The other bulletins which are marked as important allow Remote code execution and Elevation of Privilege, and bulletins which are marked as moderate allows Information disclosure.
Five zero-day vulnerabilities are addressed by October 2016 Patch Tuesday update.
MS16-118(CVE-2016-3298) addresses a zero-day flaw(Internet Explorer zero-day flaw) which allows attackers to test for the presence of files on disk.
MS16-119(CVE-2016-7189) addresses a zero-day flaw in the browser’s scripting engine that can be exploited to conduct remote code execution attack.
MS16-120(CVE-2016-3393) addresses a zero-day in the Microsoft Windows Graphics Component vulnerability that can be exploited to conduct remote code execution attack.
MS16-121(CVE-2016-7193) addresses a zero-day in Office vulnerability that can be exploited to conduct remote code execution attack.
MS16-126(CVE-2016-3298) addresses a zero-day in the Microsoft Internet Messaging API that can be exploited to cause information disclosure.
Microsoft Patch Tuesday October 2016 Bulletin Summary in the order of severity:
MS16-118 : Vulnerabilities in Internet Explorer (3192887)
Severity Rating: Critical
Affected Software: Internet Explorer
Impact: Remote Code Execution
MS16-119 : Vulnerabilities in Microsoft Edge (3192890)
Severity Rating: Critical
Affected Software: Microsoft Edge
Impact: Remote Code Execution
MS16-120 : Vulnerabilities in Microsoft Graphics Component (3192884)
Severity Rating: Critical
Affected Software: Microsoft Graphics Component
Impact: Remote Code Execution
MS16-121 : Vulnerabilities in Microsoft Office (3194063)
Severity Rating: Critical
Affected Software: Microsoft Office
Impact: Remote Code Execution
MS16-122 : Vulnerabilities in Microsoft Video Control (3195360)
Severity Rating: Critical
Affected Software: Microsoft Video Control
Impact: Remote Code Execution
MS16-127 : Vulnerabilities in Adobe Flash Player (3194343)
Severity Rating: Critical
Affected Software: Adobe Flash Player
Impact: Remote Code Execution
MS16-123 : Vulnerabilities in Microsoft Windows (3192892)
Severity Rating: Important
Affected Software: Windows Kernel-Mode Drivers
Impact: Elevation of Privilege
MS16-124 : Vulnerabilities in Microsoft Windows (3193227)
Severity Rating: Important
Affected Software: Windows Registry
Impact: Elevation of Privilege
MS16-125 : Vulnerabilities in Microsoft Windows (3193229)
Severity Rating: Important
Affected Software: Diagnostics Hub
Impact: Elevation of Privilege
MS16-126 : Vulnerabilities in Microsoft Windows (3196067)
Severity Rating: Moderate
Affected Software: Microsoft Internet Messaging API
Impact: Information Disclosure
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.