Security Alert (A16-06-02): Multiple Vulnerabilities in Microsoft Products (June 2016)


 

Published on: 15 June 2016

  
  

Description:

Microsoft has released 16 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:

MS16-063 Cumulative Security Update for Internet Explorer
MS16-068 Cumulative Security Update for Microsoft Edge
MS16-069 Cumulative Security Update for JScript and VBScript
MS16-070 Security Update for Microsoft Office
MS16-071 Security Update for Microsoft Windows DNS Server
MS16-072 Security Update for Group Policy
MS16-073 Security Update for Windows Kernel-Mode Drivers
MS16-074 Security Update for Microsoft Graphics Component
MS16-075 Security Update for Windows SMB Server
MS16-076 Security Update for Netlogon
MS16-077 Security Update for WPAD
MS16-078 Security Update for Windows Diagnostic Hub
MS16-079 Security Update for Microsoft Exchange Server
MS16-080 Security Update for Microsoft Windows PDF
MS16-081 Security Update for Active Directory
MS16-082 Security Update for Microsoft Windows Search Component

 

Affected Systems:

  • Microsoft Edge
  • Microsoft Exchange Server 2007, 2010, 2013, 2016
  • Microsoft Internet Explorer 9, 10, 11
  • Microsoft Office 2007, 2010, 2013, 2013 RT, 2016, Office for Mac 2011, 2016
  • Microsoft Office Compatibility Pack, Word Viewer, Visio Viewer 2007, Visio Viewer 2010
  • Microsoft Office Online Server
  • Microsoft Office Web Apps 2010, 2013
  • Microsoft SharePoint Server 2010, 2013
  • Microsoft Windows Vista, 7, 8.1, RT 8.1, 10
  • Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2

A complete list of the affected products can be found in the section "Affected Software" in the Microsoft security bulletin summary available at:

https://technet.microsoft.com/library/security/ms16-jun

 

Impact:

Depending on the vulnerability exploited, a successful attack could lead to arbitrary code execution, denial-of-service condition, elevation of privilege, security restrictions bypass and information disclosure.

 

Recommendation:

Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

  • Microsoft Update
    http://update.microsoft.com/microsoftupdate


If any problem is encountered during the patch installation via automated methods, patches for various affected systems can also be downloaded individually from the "Affected and Non-Affected Software" section of the corresponding Microsoft Security Advisory and Bulletins which can be accessed from the URL(s) listed in the "More Information" section of this Security Alert.

 

More Information:

https://technet.microsoft.com/en-us/library/security/ms16-jun
https://technet.microsoft.com/library/security/MS16-063
https://technet.microsoft.com/library/security/MS16-068
https://technet.microsoft.com/library/security/MS16-069
https://technet.microsoft.com/library/security/MS16-070
https://technet.microsoft.com/library/security/MS16-071
https://technet.microsoft.com/library/security/MS16-072
https://technet.microsoft.com/library/security/MS16-073
https://technet.microsoft.com/library/security/MS16-074
https://technet.microsoft.com/library/security/MS16-075
https://technet.microsoft.com/library/security/MS16-076
https://technet.microsoft.com/library/security/MS16-077
https://technet.microsoft.com/library/security/MS16-078
https://technet.microsoft.com/library/security/MS16-079
https://technet.microsoft.com/library/security/MS16-080
https://technet.microsoft.com/library/security/MS16-081
https://technet.microsoft.com/library/security/MS16-082
https://www.us-cert.gov/ncas/current-activity/2016/06/14/Microsoft-Releases-June-2016-Security-Bulletin
https://www.hkcert.org/my_url/en/alert/16061501
https://www.hkcert.org/my_url/en/alert/16061502
https://www.hkcert.org/my_url/en/alert/16061503
https://www.hkcert.org/my_url/en/alert/16061504
https://www.hkcert.org/my_url/en/alert/16061505
https://www.hkcert.org/my_url/en/alert/16061506
https://www.hkcert.org/my_url/en/alert/16061507
https://www.hkcert.org/my_url/en/alert/16061508
https://www.hkcert.org/my_url/en/alert/16061509
https://www.hkcert.org/my_url/en/alert/16061510
https://www.hkcert.org/my_url/en/alert/16061511
https://www.hkcert.org/my_url/en/alert/16061512
https://www.hkcert.org/my_url/en/alert/16061513
https://www.hkcert.org/my_url/en/alert/16061514
https://www.hkcert.org/my_url/en/alert/16061515
https://www.hkcert.org/my_url/en/alert/16061516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0028
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0199 (to CVE-2016-0200)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3198 (to CVE-2016-3199)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3201 (to CVE-2016-3203)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3205 (to CVE-2016-3207)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3210 (to CVE-2016-3216)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3218 (to CVE-2016-3223)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3225 (to CVE-2016-3228)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3230 (to CVE-2016-3236) 



Tag: Edge , Internet Explorer , Microsoft Office , Windows Server , Windows , SharePoint , Microsoft
Tags