Published on: 12 October 2016
Microsoft has released 10 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:
MS16-118 Cumulative Security Update for Internet Explorer
MS16-119 Cumulative Security Update for Microsoft Edge
MS16-120 Security Update for Microsoft Graphics Component
MS16-121 Security Update for Microsoft Office
MS16-122 Security Update for Microsoft Video Control
MS16-123 Security Update for Windows Kernel-Mode Drivers
MS16-124 Security Update for Windows Registry
MS16-125 Security Update for Diagnostics Hub
MS16-126 Security Update for Microsoft Internet Messaging API
MS16-127 Security Update for Adobe Flash Player
Reports indicate that the vulnerabilities mentioned in MS16-120 and MS-126 are being actively exploited in wild. In addition, there are scattered exploits observed against vulnerabilities mentioned in MS16-118, MS16-119 and MS16-121.
A complete list of the affected products can be found in the section "Affected Software" in the Microsoft security bulletin summary available at:
https://technet.microsoft.com/library/security/ms16-oct
Depending on the vulnerability exploited, a successful attack could lead to elevation of privilege, information disclosure, and remote code execution.
Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
https://technet.microsoft.com/en-us/library/security/ms16-oct
https://technet.microsoft.com/en-us/library/security/MS16-118
https://technet.microsoft.com/en-us/library/security/MS16-119
https://technet.microsoft.com/en-us/library/security/MS16-120
https://technet.microsoft.com/en-us/library/security/MS16-121
https://technet.microsoft.com/en-us/library/security/MS16-122
https://technet.microsoft.com/en-us/library/security/MS16-123
https://technet.microsoft.com/en-us/library/security/MS16-124
https://technet.microsoft.com/en-us/library/security/MS16-125
https://technet.microsoft.com/en-us/library/security/MS16-126
https://technet.microsoft.com/en-us/library/security/MS16-127
https://www.hkcert.org/my_url/en/alert/16101201
https://www.us-cert.gov/ncas/current-activity/2016/10/11/Microsoft-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3382 (to CVE-2016-3393)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3396
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7188 (to CVE-2016-7191)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7211