Patch Tuesday Webinar
Wednesday, December 14th, 2016
Chris Goettl
• Sara Otremba
• Ryan Worlton
Dial In: 1-855-749-4750 (US)
Attendees: 921 738 737
Agenda
1. December 2016 Patch Tuesday Overview
2. Known Issues
3. Bulletins
4. Q & A
Best Practices
• Privilege Management mitigates impact of many exploits
• High Threat Level vulnerabilities warrant fast rollout. 2 weeks or less is ideal to reduce exposure.
• User Targeted – Whitelisting and Containerization mitigate
Industry News
• Is Edge the most secure browser? Microsoft likes to claim so, but researchers are arguing otherwise. Edge SmartScreen can apparently be used to scam users into clicking malicious links.
https://www.onmsft.com/news/flaw-in-microsoft-edge-can-turn-smartscreen-into-scamming-device-say-researchers
• Mozilla Zero Day! Update 50.0.2 was released on November 30th. If you have not already, update your Mozilla browsers.
http://www.zdnet.com/article/firefox-zero-day-mozilla-tor-issue-critical-patches-to-block-active-attacks/
• Adobe Flash Zero Day update released on Patch Tuesday.
https://threatpost.com/adobe-patches-flash-zero-day-under-attack/121567/
• November patches had a number of known issues reported later in the month. Most seem to involve Lenovo hardware, for which an update is available.
https://technet.microsoft.com/en-us/library/security/ms16-nov.aspx
Some Lenovo servers do not start after this update is installed. Lenovo is aware of this problem and has released a UEFI update to address it. In the interim, Microsoft has changed the detection logic in the update to prevent additional customers from being affected. For more information, see https://support.lenovo.com/us/en/solutions/ht502912.
CSWU-043: Cumulative update for Windows 10: December, 2016
• Maximum Severity: Critical
• Affected Products: Windows 10, Edge, Internet Explorer
• Description: This update for Windows 10 includes functionality improvements and resolves the vulnerabilities in Windows that are described in the following Microsoft security bulletins and advisory: MS16-144, MS16-145, MS16-147, MS16-149, MS16-150, MS16-151, MS16-152, MS16-153
• Impact: Remote Code Execution, Elevation of Privilege
• Fixes 26 vulnerabilities:
CVE-2016-7202, CVE-2016-7278, CVE-2016-7279, CVE-2016-7281, CVE-2016-7282, CVE-2016-7283, CVE-2016-7284, CVE-2016-7287, CVE-2016-7181, CVE-2016-7206, CVE-2016-7280, CVE-2016-7286, CVE-2016-7288, CVE-2016-7296, CVE-2016-7297, CVE-2016-7257, CVE-2016-7272, CVE-2016-7273, CVE-2016-7274, CVE-2016-7219, CVE-2016-7292, CVE-2016-7271, CVE-2016-7259, CVE-2016-7260, CVE-2016-7258, CVE-2016-7295
• Restart Required: Requires Restart
SB16-005, SB16-006, SB16-007: December, 2016 Security Only Update
• Maximum Severity: Critical
• Affected Products: Windows, Internet Explorer
• Description: This update is the Security Only Quality Update for Windows 7, 8.1, Server 2008 R2, 2012, and 2012 R2 systems: MS16-144, MS16-146, MS16-147, MS16-149, MS16-151, MS16-153
• Impact: Remote Code Execution, Elevation of Privilege
• Fixes 17 vulnerabilities:
CVE-2016-7202, CVE-2016-7278, CVE-2016-7279, CVE-2016-7281, CVE-2016-7282, CVE-2016-7283, CVE-2016-7284, CVE-2016-7287, CVE-2016-7257, CVE-2016-7272, CVE-2016-7273, CVE-2016-7274, CVE-2016-7219, CVE-2016-7292, CVE-2016-7259, CVE-2016-7260, CVE-2016-7295
• Restart Required: Requires Restart
CR16-005, CR16-006, CR16-007: December, 2016 Security Monthly Quality Update
• Maximum Severity: Critical
• Affected Products: Windows, Internet Explorer
• Description: This update is the Security Only Quality Update for Windows 7, 8.1, Server 2008 R2, 2012, and 2012 R2 systems: MS16-144, MS16-146, MS16-147, MS16-149, MS16-151, MS16-153
• Impact: Remote Code Execution, Elevation of Privilege
• Fixes 17 vulnerabilities:
CVE-2016-7202, CVE-2016-7278, CVE-2016-7279, CVE-2016-7281, CVE-2016-7282, CVE-2016-7283, CVE-2016-7284, CVE-2016-7287, CVE-2016-7257, CVE-2016-7272, CVE-2016-7273, CVE-2016-7274, CVE-2016-7219, CVE-2016-7292, CVE-2016-7259, CVE-2016-7260, CVE-2016-7295
• Restart Required: Requires Restart
MS16-144: Cumulative Security Update for Internet Explorer (3204059)
• Maximum Severity: Critical
• Affected Products: IE
• Description: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
• Impact: Remote Code Execution
• Fixes 9 vulnerabilities:
CVE-2016-7202 (Publicly Disclosed), CVE-2016-7278, CVE-2016-7279, CVE-2016-7281 (Publicly Disclosed), CVE-2016-7282 (Publicly Disclosed), CVE-2016-7283, CVE-2016-7284, CVE-2016-7287
• Restart Required: Requires Restart
MS16-145: Cumulative Security Update for Microsoft Edge (3204062)
• Maximum Severity: Critical
• Affected Products: Edge
• Description: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
• Impact: Remote Code Execution
• Fixes 10 vulnerabilities:
CVE-2016-7206 (Publicly Disclosed), CVE-2016-7279, CVE-2016-7280, CVE-2016-7281 (Publicly Disclosed), CVE-2016-7282 (Publicly Disclosed), CVE-2016-7286, CVE-2016-7287, CVE-2016-7288, CVE-2016-7296, CVE-2016-7297
• Restart Required: Requires Restart
MS16-146: Security Update for Microsoft Graphics Component (3204066)
• Maximum Severity: Critical
• Affected Products: Windows
• Description: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Impact: Remote Code Execution
• Fixes 3 vulnerabilities:
CVE-2016-7257, CVE-2016-7272, CVE-2016-7273
• Restart Required: Requires Restart
MS16-147: Security Update for Microsoft Uniscribe (3204063)
• Maximum Severity: Critical
• Affected Products: Windows
• Description: This security update resolves a vulnerability in Windows Uniscribe. The vulnerability could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Impact: Remote Code Execution
• Fixes 1 vulnerability:
CVE-2016-7274
• Restart Required: Requires Restart
MS16-148: Security Update for Microsoft Office (3204068)
• Maximum Severity: Critical
• Affected Products: Office, SharePoint and Office WebApps
• Description: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
• Impact: Remote Code Execution
• Fixes 16 vulnerabilities:
CVE-2016-7257, CVE-2016-7262, CVE-2016-7263, CVE-2016-7264, CVE-2016-7265, CVE-2016-7266, CVE-2016-7267, CVE-2016-7268, CVE-2016-7275, CVE-2016-7276, CVE-2016-7277, CVE-2016-7289, CVE-2016-7290, CVE-2016-7291, CVE-2016-7298, CVE-2016-7300
• Restart Required: May Require Restart
MS16-154: Security Update for Adobe Flash Player (3209498)
• Maximum Severity: Critical
• Affected Products: Windows, Adobe Flash Player
• Description: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
• Impact: Remote Code Execution
• Fixes 17 vulnerabilities:
CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890, CVE-2016-7892
• Restart Required: Requires Restart
MS16-155: Security Update for .NET Framework (3205640)
• Maximum Severity: Important
• Affected Products: Windows, .NET Framework
• Description: This security update resolves a vulnerability in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. A security vulnerability exists in Microsoft .NET Framework 4.6.2 that could allow an attacker to access information that is defended by the Always Encrypted feature.
• Impact: Information Disclosure
• Fixes 1 vulnerability:
CVE-2016-7270 (Publicly Disclosed)
• Restart Required: Requires Restart
APSB16-39: Security Update for Adobe Flash Player
• Maximum Severity: Critical
• Affected Products: Adobe Flash Player Desktop Runtime, Google Chrome, Microsoft Edge and Internet Explorer 11 and Adobe Flash Player for Linux
• Description: This security update resolves use-after-free vulnerabilities that could lead to code execution, buffer overflow vulnerabilities and memory corruption issues in Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.
• Impact: Remote Code Execution
• Fixes 17 vulnerabilities:
CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890, CVE-2016-7892 (exploited in the wild)
• Restart Required: Requires Restart
2016-94: Security Update for Mozilla Firefox 50.1
• Maximum Severity: Critical
• Affected Products: Firefox
• Description: This security update resolves a number of issues including use-after-free vulnerabilities that could lead to code execution, buffer overflow vulnerabilities and memory corruption issues. Note the zero day (CVE-2016-9079) fix in 50.0.2, released on November 30th, if you have not already applied it.
• Impact: Remote Code Execution
• Fixes 13 vulnerabilities:
CVE-2016-9893, CVE-2016-9080, CVE-2016-9903, CVE-2016-9902, CVE-2016-9901, CVE-2016-9904, CVE-2016-9900, CVE-2016-9898, CVE-2016-9897, CVE-2016-9896, CVE-2016-9895, CVE-2016-9899, CVE-2016-9894
• Restart Required: Requires Restart
MS16-149: Security Update for Microsoft Windows (3205655)
• Maximum Severity: Important
• Affected Products: Windows
• Description: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application.
• Impact: Elevation of Privilege
• Fixes 2 vulnerabilities:
CVE-2016-7219, CVE-2016-7292
• Restart Required: Requires Restart
MS16-150: Security Update for Secure Kernel Mode (3205642)
• Maximum Severity: Important
• Affected Products: Windows
• Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if a locally-authenticated attacker runs a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL).
• Impact: Elevation of Privilege
• Fixes 1 vulnerability:
CVE-2016-7271
• Restart Required: Requires Restart
MS16-151: Security Update for Windows Kernel-Mode Drivers (3205651)
• Maximum Severity: Important
• Affected Products: Windows
• Description: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
• Impact: Elevation of Privilege
• Fixes 2 vulnerabilities:
CVE-2016-7259, CVE-2016-7260
• Restart Required: Requires Restart
MS16-152: Security Update for Windows Kernel (3199709)
• Maximum Severity: Important
• Affected Products: Windows
• Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows kernel improperly handles objects in memory.
• Impact: Information Disclosure
• Fixes 1 vulnerability:
CVE-2016-7258
• Restart Required: Requires Restart
MS16-153: Security Update for Common Log File System Driver (3207328)
• Maximum Severity: Important
• Affected Products: Windows
• Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to bypass security measures on the affected system allowing further exploitation.
• Impact: Information Disclosure
• Fixes 1 vulnerability:
CVE-2016-7295
• Restart Required: Requires Restart
Between Patch Tuesdays
• New Product Support: Microsoft Enhanced Mitigation Experience Toolkit, Adobe Creative Cloud, TreeSize Free, SQL Server 2016 SP1
• Security Updates: Chrome (3), Skype (2), Tomcat (5), Firefox (3), VMware Player (1), Microsoft (2), Foxit (2), Wireshark (1), Notepad++ (2), Thunderbird (2), Opera (1), TortoiseSVN (1), FileZilla (2)
• Non-Security Updates: AutoCAD Map (1), Dropbox (2), GoodSync (7), Microsoft (44), CCleaner (2), Slack Machine-Wide Installer (3), Foxit Phantom (1), Xmind (1), Google Drive (2), CDBurnerXP (1), NitroPro (1), PDFCreator (1), RealVNC Connect (1), Adobe Creative Cloud (1), GoToMeeting (1), HipChat (2), TreeSize Free (1), TeamViewer (1), WinSCP (1), PDF-Xchange Pro (1), Programmers Notepad (1), Citrix Receiver (1), Malwarebytes (1), WebEx Productivity Tools (1)
• Security Tools:
• Software Distribution: Windows Management Framework
Resources and Webinars
• Get Shavlik Content Updates
• Get Social with Shavlik
• Sign up for next month's Patch Tuesday Webinar
• Watch previous webinars and download presentation.
Thank you

 

December 2016 Patch Tuesday Shavlik

  • 1. Patch Tuesday Webinar Wednesday, December 14th, 2016 Chris Goettl • Sara Otremba • Ryan Worlton Dial In: 1-855-749-4750 (US) Attendees: 921 738 737
  • 2. Agenda: 1. December 2016 Patch Tuesday Overview; 2. Known Issues; 3. Bulletins; 4. Q & A
  • 3. Best Practices: Privilege Management mitigates impact of many exploits. High Threat Level vulnerabilities warrant fast rollout; 2 weeks or less is ideal to reduce exposure. User Targeted – Whitelisting and Containerization mitigate.
  • 4.
  • 5. Industry News
      • Is Edge the most secure browser? Microsoft likes to claim so, but researchers are arguing otherwise. Edge SmartScreen can apparently be used to scam users into clicking malicious links. https://www.onmsft.com/news/flaw-in-microsoft-edge-can-turn-smartscreen-into-scamming-device-say-researchers
      • Mozilla Zero Day! Update 50.0.2 was released on November 30th. If you have not already, update your Mozilla browsers. http://www.zdnet.com/article/firefox-zero-day-mozilla-tor-issue-critical-patches-to-block-active-attacks/
      • Adobe Flash Zero Day update released on Patch Tuesday. https://threatpost.com/adobe-patches-flash-zero-day-under-attack/121567/
      • November patches had a number of known issues reported later in the month. Most seem to involve Lenovo hardware, for which an update is available. https://technet.microsoft.com/en-us/library/security/ms16-nov.aspx
      • Some Lenovo servers do not start after this update is installed. Lenovo is aware of this problem and has released a UEFI update to address it. In the interim, Microsoft has changed the detection logic in the update to prevent additional customers from being affected. For more information, see https://support.lenovo.com/us/en/solutions/ht502912.
  • 6. CSWU-043: Cumulative update for Windows 10: December, 2016
      • Maximum Severity: Critical
      • Affected Products: Windows 10, Edge, Internet Explorer
      • Description: This update for Windows 10 includes functionality improvements and resolves the vulnerabilities in Windows that are described in the following Microsoft security bulletins and advisory: MS16-144, MS16-145, MS16-147, MS16-149, MS16-150, MS16-151, MS16-152, MS16-153
      • Impact: Remote Code Execution, Elevation of Privilege
      • Fixes 26 vulnerabilities: CVE-2016-7202, CVE-2016-7278, CVE-2016-7279, CVE-2016-7281, CVE-2016-7282, CVE-2016-7283, CVE-2016-7284, CVE-2016-7287, CVE-2016-7181, CVE-2016-7206, CVE-2016-7280, CVE-2016-7286, CVE-2016-7288, CVE-2016-7296, CVE-2016-7297, CVE-2016-7257, CVE-2016-7272, CVE-2016-7273, CVE-2016-7274, CVE-2016-7219, CVE-2016-7292, CVE-2016-7271, CVE-2016-7259, CVE-2016-7260, CVE-2016-7258, CVE-2016-7295
      • Restart Required: Requires Restart
  • 7. SB16-005, SB16-006, SB16-007: December, 2016 Security Only Update
      • Maximum Severity: Critical
      • Affected Products: Windows, Internet Explorer
      • Description: This update is the Security Only Quality Update for Windows 7, 8.1, Server 2008 R2, 2012, and 2012 R2 systems: MS16-144, MS16-146, MS16-147, MS16-149, MS16-151, MS16-153
      • Impact: Remote Code Execution, Elevation of Privilege
      • Fixes 17 vulnerabilities: CVE-2016-7202, CVE-2016-7278, CVE-2016-7279, CVE-2016-7281, CVE-2016-7282, CVE-2016-7283, CVE-2016-7284, CVE-2016-7287, CVE-2016-7257, CVE-2016-7272, CVE-2016-7273, CVE-2016-7274, CVE-2016-7219, CVE-2016-7292, CVE-2016-7259, CVE-2016-7260, CVE-2016-7295
      • Restart Required: Requires Restart
  • 8. CR16-005, CR16-006, CR16-007: December, 2016 Security Monthly Quality Update
      • Maximum Severity: Critical
      • Affected Products: Windows, Internet Explorer
      • Description: This update is the Security Only Quality Update for Windows 7, 8.1, Server 2008 R2, 2012, and 2012 R2 systems: MS16-144, MS16-146, MS16-147, MS16-149, MS16-151, MS16-153
      • Impact: Remote Code Execution, Elevation of Privilege
      • Fixes 17 vulnerabilities: CVE-2016-7202, CVE-2016-7278, CVE-2016-7279, CVE-2016-7281, CVE-2016-7282, CVE-2016-7283, CVE-2016-7284, CVE-2016-7287, CVE-2016-7257, CVE-2016-7272, CVE-2016-7273, CVE-2016-7274, CVE-2016-7219, CVE-2016-7292, CVE-2016-7259, CVE-2016-7260, CVE-2016-7295
      • Restart Required: Requires Restart
  • 9. MS16-144: Cumulative Security Update for Internet Explorer (3204059)
      • Maximum Severity: Critical
      • Affected Products: IE
      • Description: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
      • Impact: Remote Code Execution
      • Fixes 9 vulnerabilities: CVE-2016-7202 (Publicly Disclosed), CVE-2016-7278, CVE-2016-7279, CVE-2016-7281 (Publicly Disclosed), CVE-2016-7282 (Publicly Disclosed), CVE-2016-7283, CVE-2016-7284, CVE-2016-7287
      • Restart Required: Requires Restart
  • 10. MS16-145: Cumulative Security Update for Microsoft Edge (3204062)
      • Maximum Severity: Critical
      • Affected Products: Edge
      • Description: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
      • Impact: Remote Code Execution
      • Fixes 10 vulnerabilities: CVE-2016-7206 (Publicly Disclosed), CVE-2016-7279, CVE-2016-7280, CVE-2016-7281 (Publicly Disclosed), CVE-2016-7282 (Publicly Disclosed), CVE-2016-7286, CVE-2016-7287, CVE-2016-7288, CVE-2016-7296, CVE-2016-7297
      • Restart Required: Requires Restart
  • 11. MS16-146: Security Update for Microsoft Graphics Component (3204066)
      • Maximum Severity: Critical
      • Affected Products: Windows
      • Description: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
      • Impact: Remote Code Execution
      • Fixes 3 vulnerabilities: CVE-2016-7257, CVE-2016-7272, CVE-2016-7273
      • Restart Required: Requires Restart
  • 12. MS16-147: Security Update for Microsoft Uniscribe (3204063)
      • Maximum Severity: Critical
      • Affected Products: Windows
      • Description: This security update resolves a vulnerability in Windows Uniscribe. The vulnerability could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
      • Impact: Remote Code Execution
      • Fixes 1 vulnerability: CVE-2016-7274
      • Restart Required: Requires Restart
  • 13. MS16-148: Security Update for Microsoft Office (3204068)
      • Maximum Severity: Critical
      • Affected Products: Office, SharePoint and Office WebApps
      • Description: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
      • Impact: Remote Code Execution
      • Fixes 16 vulnerabilities: CVE-2016-7257, CVE-2016-7262, CVE-2016-7263, CVE-2016-7264, CVE-2016-7265, CVE-2016-7266, CVE-2016-7267, CVE-2016-7268, CVE-2016-7275, CVE-2016-7276, CVE-2016-7277, CVE-2016-7289, CVE-2016-7290, CVE-2016-7291, CVE-2016-7298, CVE-2016-7300
      • Restart Required: May Require Restart
  • 14. MS16-154: Security Update for Adobe Flash Player (3209498)
      • Maximum Severity: Critical
      • Affected Products: Windows, Adobe Flash Player
      • Description: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
      • Impact: Remote Code Execution
      • Fixes 17 vulnerabilities: CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890, CVE-2016-7892
      • Restart Required: Requires Restart
  • 15. MS16-155: Security Update for .NET Framework (3205640)
      • Maximum Severity: Important
      • Affected Products: Windows, .NET Framework
      • Description: This security update resolves a vulnerability in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. A security vulnerability exists in Microsoft .NET Framework 4.6.2 that could allow an attacker to access information that is defended by the Always Encrypted feature.
      • Impact: Information Disclosure
      • Fixes 1 vulnerability: CVE-2016-7270 (Publicly Disclosed)
      • Restart Required: Requires Restart
  • 16. APSB16-39: Security Update for Adobe Flash Player
      • Maximum Severity: Critical
      • Affected Products: Adobe Flash Player Desktop Runtime, Google Chrome, Microsoft Edge and Internet Explorer 11 and Adobe Flash Player for Linux
      • Description: This security update resolves use-after-free vulnerabilities that could lead to code execution, buffer overflow vulnerabilities and memory corruption issues in Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.
      • Impact: Remote Code Execution
      • Fixes 17 vulnerabilities: CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890, CVE-2016-7892 (exploited in the wild)
      • Restart Required: Requires Restart
  • 17. 2016-94: Security Update for Mozilla Firefox 50.1
      • Maximum Severity: Critical
      • Affected Products: Firefox
      • Description: This security update resolves a number of issues including use-after-free vulnerabilities that could lead to code execution, buffer overflow vulnerabilities and memory corruption issues. Version 50.0.2, released on November 30th, resolved a zero day (CVE-2016-9079); apply it if you have not already.
      • Impact: Remote Code Execution
      • Fixes 13 vulnerabilities: CVE-2016-9893, CVE-2016-9080, CVE-2016-9903, CVE-2016-9902, CVE-2016-9901, CVE-2016-9904, CVE-2016-9900, CVE-2016-9898, CVE-2016-9897, CVE-2016-9896, CVE-2016-9895, CVE-2016-9899, CVE-2016-9894
      • Restart Required: Requires Restart
  • 18. MS16-149: Security Update for Microsoft Windows (3205655)
      • Maximum Severity: Important
      • Affected Products: Windows
      • Description: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application.
      • Impact: Elevation of Privilege
      • Fixes 2 vulnerabilities: CVE-2016-7219, CVE-2016-7292
      • Restart Required: Requires Restart
  • 19. MS16-150: Security Update for Secure Kernel Mode (3205642)
      • Maximum Severity: Important
      • Affected Products: Windows
      • Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if a locally-authenticated attacker runs a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL).
      • Impact: Elevation of Privilege
      • Fixes 1 vulnerability: CVE-2016-7271
      • Restart Required: Requires Restart
  • 20. MS16-151: Security Update for Windows Kernel-Mode Drivers (3205651)
      • Maximum Severity: Important
      • Affected Products: Windows
      • Description: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
      • Impact: Elevation of Privilege
      • Fixes 2 vulnerabilities: CVE-2016-7259, CVE-2016-7260
      • Restart Required: Requires Restart
  • 21. MS16-152: Security Update for Windows Kernel (3199709)
      • Maximum Severity: Important
      • Affected Products: Windows
      • Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows kernel improperly handles objects in memory.
      • Impact: Information Disclosure
      • Fixes 1 vulnerability: CVE-2016-7258
      • Restart Required: Requires Restart
  • 22. MS16-153: Security Update for Common Log File System Driver (3207328)
      • Maximum Severity: Important
      • Affected Products: Windows
      • Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to bypass security measures on the affected system allowing further exploitation.
      • Impact: Information Disclosure
      • Fixes 1 vulnerability: CVE-2016-7295
      • Restart Required: Requires Restart
  • 23. Between Patch Tuesdays
      • New Product Support: Microsoft Enhanced Mitigation Experience Toolkit, Adobe Creative Cloud, TreeSize Free, SQL Server 2016 SP1
      • Security Updates: Chrome (3), Skype (2), Tomcat (5), Firefox (3), VMware Player (1), Microsoft (2), Foxit (2), Wireshark (1), Notepad++ (2), Thunderbird (2), Opera (1), TortoiseSVN (1), FileZilla (2)
      • Non-Security Updates: AutoCAD Map (1), Dropbox (2), GoodSync (7), Microsoft (44), CCleaner (2), Slack Machine-Wide Installer (3), Foxit Phantom (1), Xmind (1), Google Drive (2), CDBurnerXP (1), NitroPro (1), PDFCreator (1), RealVNC Connect (1), Adobe Creative Cloud (1), GoToMeeting (1), HipChat (2), TreeSize Free (1), TeamViewer (1), WinSCP (1), PDF-Xchange Pro (1), Programmers Notepad (1), Citrix Receiver (1), Malwarebytes (1), WebEx Productivity Tools (1)
      • Security Tools:
      • Software Distribution: Windows Management Framework
  • 24.
  • 25. Resources and Webinars: Get Shavlik Content Updates. Get Social with Shavlik. Sign up for next month's Patch Tuesday Webinar. Watch previous webinars and download presentations.

Editor's Notes

  1. NEARLY 50% OPEN E-MAILS AND CLICK ON PHISHING LINKS WITHIN THE FIRST HOUR.
  2. Edge Browser: https://www.onmsft.com/news/flaw-in-microsoft-edge-can-turn-smartscreen-into-scamming-device-say-researchers https://blogs.technet.microsoft.com/configmgrdogs/2016/12/07/update-to-supersedence-behaviour-for-security-only-and-security-monthly-quality-rollup-updates/
  3. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. https://blogs.technet.microsoft.com/configmgrdogs/2016/12/07/update-to-supersedence-behaviour-for-security-only-and-security-monthly-quality-rollup-updates/ User Targeted - Privilege Management Mitigates Impact. CVE-2016-7282 (Publicly Disclosed), CVE-2016-7281 (Publicly Disclosed), CVE-2016-7202 (Publicly Disclosed), CVE-2016-7206 (Publicly Disclosed).
  4. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. The Security Only Quality Update is marked as Patch Type Security. This bundle includes multiple updates in a single installable package. This update does not include the Non-Security Updates and is not cumulative. https://blogs.technet.microsoft.com/configmgrdogs/2016/12/07/update-to-supersedence-behaviour-for-security-only-and-security-monthly-quality-rollup-updates/ User Targeted - Privilege Management Mitigates Impact. CVE-2016-7282 (Publicly Disclosed), CVE-2016-7281 (Publicly Disclosed), CVE-2016-7202 (Publicly Disclosed).
  5. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. The Security Only Quality Update is marked as Patch Type Security. This bundle includes multiple updates in a single installable package. This update does not include the Non-Security Updates and is not cumulative. https://blogs.technet.microsoft.com/configmgrdogs/2016/12/07/update-to-supersedence-behaviour-for-security-only-and-security-monthly-quality-rollup-updates/ User Targeted - Privilege Management Mitigates Impact. CVE-2016-7282 (Publicly Disclosed), CVE-2016-7281 (Publicly Disclosed), CVE-2016-7202 (Publicly Disclosed).
  6. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Recommendation is within 2 weeks of release. User Targeted - Privilege Management Mitigates Impact. CVE-2016-7202 (Publicly Disclosed), CVE-2016-7281 (Publicly Disclosed), CVE-2016-7282 (Publicly Disclosed). In a web-based attack scenario an attacker could host a website in an attempt to exploit the vulnerabilities. Additionally, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could be used to exploit the vulnerabilities. However, in all cases an attacker would have no way to force users to view attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes them to the attacker's site.
  7. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Recommendation is within 2 weeks of release. User Targeted - Privilege Management Mitigates Impact. CVE-2016-7206 (Publicly Disclosed), CVE-2016-7281 (Publicly Disclosed), CVE-2016-7282 (Publicly Disclosed). An attacker could host a specially crafted website that is designed to exploit the vulnerabilities through affected Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by an enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.
  8. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Recommendation is within 2 weeks of release. User Targeted - Privilege Management Mitigates Impact. User targeted vulnerabilities: There are multiple ways an attacker could exploit these vulnerabilities. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file.
  9. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Recommendation is within 2 weeks of release. User Targeted - Privilege Management Mitigates Impact. Windows Uniscribe Remote Code Execution Vulnerability, CVE-2016-7274: A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit this vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file.
  10. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Recommendation is within 2 weeks of release. User targeted vulnerabilities – Privilege Management Mitigates Impact. Exploitation of the vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince them to open the specially crafted file.
  11. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Recommendation is within 2 weeks of release. User targeted vulnerabilities. Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
  12. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Recommendation is within 2 weeks of release.
  13. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. Vulnerability Details: These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-7872, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7892). These updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-7871, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876). These updates resolve a security bypass vulnerability (CVE-2016-7890). Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows.
  14. Shavlik Priority: Shavlik rates this bulletin as a Priority 1. https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/ CVE-2016-9079 Zero Day resolved in 50.0.2: A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. Critical CVEs resolved in 50.1: A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. Mozilla developers and community members Kan-Ru Chen, Christian Holler, and Tyson Smith reported memory safety bugs present in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. Mozilla developers and community members Jan de Mooij, Iris Hsiao, Christian Holler, Carsten Book, Timothy Nikkel, Christoph Diehl, Olli Pettay, Raymond Forbes, and Boris Zbarsky reported memory safety bugs present in Firefox 50.0.2 and Firefox ESR 45.5.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
  15. Shavlik Priority 2: Shavlik rates this bulletin as Important. This means the update should be implemented in a reasonable timeframe after adequate testing. Recommendation is 2 to 4 weeks.
  16. Shavlik Priority 2: Shavlik rates this bulletin as Important. This means the update should be implemented in a reasonable timeframe after adequate testing. Recommendation is 2 to 4 weeks.
  17. Shavlik Priority 2: Shavlik rates this bulletin as Important. This means the update should be implemented in a reasonable timeframe after adequate testing. Recommendation is 2 to 4 weeks.
  18. Shavlik Priority 2: Shavlik rates this bulletin as Important. This means the update should be implemented in a reasonable timeframe after adequate testing. Recommendation is 2 to 4 weeks.
  19. Shavlik Priority 2: Shavlik rates this bulletin as Important. This means the update should be implemented in a reasonable timeframe after adequate testing. Recommendation is 2 to 4 weeks.
  20. Sign up for Content Announcements: Email http://www.shavlik.com/support/xmlsubscribe/; RSS http://protect7.shavlik.com/feed/; Twitter @ShavlikXML. Follow us on: Shavlik on LinkedIn; Twitter @ShavlikProtect; Shavlik blog -> www.shavlik.com/blog; Chris Goettl on LinkedIn; Twitter @ChrisGoettl. Sign up for webinars or download presentations and watch playbacks: http://www.shavlik.com/webinars/