Tuesday, December 13, 2016

Microsoft Security Bulletin Release for December, 2016

As this is the second Tuesday of the month, there will be one security monthly rollup for Windows 7 and 8.1 as well as Server 2008 and 2012.  The details of the updates included are listed below.

Reminder:  After the January 2017 Update Tuesday release, bulletins will be eliminated and the information will only be available from the new Security Updates Guide which includes the ability to view and search security vulnerability information in a single online database. The guide is described as a "portal" by the MSRC Team in Furthering our commitment to security updates.

December Security Update Details:

Microsoft released twelve (12) bulletins.  Six (6) bulletins are identified as Critical and six (6) rated Important in severity

The updates address vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Microsoft Office Services and Web Apps, .NET Framework and Adobe Flash Player for Windows 8.1 and above. 

Addressed in the updates are Remote Code Execution, Elevation of Privilege and Information Disclosure.

Information about the update for Windows 10 is available at Windows 10 update history with #KB3206632 for 1607, #KB3205386 for 1511 and #KB3205853 for RTM. 

  • MS16-144 -- Cumulative Security Update for Internet Explorer (3204059)
  • MS16-145 -- Cumulative Security Update for Microsoft Edge (3204062)
  • MS16-146 -- Security Update for Microsoft Graphics Component (3204066)
  • MS16-147 -- Security Update for Microsoft Uniscribe (3204063)
  • MS16-148 -- Security Update for Microsoft Office (3204068)
  • MS16-154 -- Security Update for Adobe Flash Player (3209498)
  • MS16-149 -- Security Update for Microsoft Windows (3205655)
  • MS16-150 -- Security Update for Secure Kernel Mode (3205642)
  • MS16-151 -- Security Update for Windows Kernel-Mode Drivers (3205651)
  • MS16-152 -- Security Update for Windows Kernel (3199709)
  • MS16-153 -- Security Update for Common Log File System Driver (3207328)
  • MS16-155 -- Security Update for .NET Framework (3205640) 

    Additional Update Notes

    • Adobe Flash Player -- For Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows 10 Version 1511, Adobe Flash Player is now a security bulletin rather than a security advisory and is included with the updates as identified above.
    • MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. 
    • Windows 10 -- A summary of important product developments included in each update, with links to more details is available at Windows 10 Update History. The page will be regularly refreshed, as new updates are released.


      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...

      No comments: