Security Alert (A16-05-02): Multiple Vulnerabilities in Microsoft Products (May 2016)


 

Published on: 11 May 2016

  
  

Description:

Microsoft has released 16 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:

MS16-051 Cumulative Security Update for Internet Explorer
MS16-052 Cumulative Security Update for Microsoft Edge
MS16-053 Cumulative Security Update for JScript and VBScript
MS16-054 Security Update for Microsoft Office
MS16-055 Security Update for Microsoft Graphics Component
MS16-056 Security Update for Windows Journal
MS16-057 Security Update for Windows Shell
MS16-058 Security Update for Windows IIS
MS16-059 Security Update for Windows Media Center
MS16-060 Security Update for Windows Kernel
MS16-061 Security Update for Microsoft RPC
MS16-062 Security Update for Windows Kernel-Mode Drivers
MS16-064 Security Update for Adobe Flash Player
MS16-065 Security Update for .NET Framework
MS16-066 Security Update for Virtual Secure Mode
MS16-067 Security Update for Volume Manager Driver

 

Affected Systems:

  • Microsoft Edge
  • Microsoft Internet Explorer 9, 10, 11
  • Microsoft Office 2007, 2010, 2013, 2013 RT, 2016, Office for Mac 2011, 2016
  • Microsoft Office Compatibility Pack, Word Viewer
  • Microsoft Office Web Apps 2010
  • Microsoft SharePoint Server 2010
  • Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2
  • Microsoft Windows Vista, 7, 8.1, RT 8.1, 10

A complete list of the affected products can be found in the section "Affected Software" in the Microsoft security bulletin summary available at:

https://technet.microsoft.com/library/security/ms16-may

 

Impact:

Depending on the vulnerability exploited, a successful attack could lead to arbitrary code execution, denial-of-service condition, elevation of privilege, security restrictions bypass and information disclosure.

 

Recommendation:

Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

  • Microsoft Update
    http://update.microsoft.com/microsoftupdate


If any problem is encountered during the patch installation via automated methods, patches for various affected systems can also be downloaded individually from the "Affected and Non-Affected Software" section of the corresponding Microsoft Security Advisory and Bulletins which can be accessed from the URL(s) listed in the "More Information" section of this Security Alert.

 

More Information:

https://technet.microsoft.com/en-us/library/security/ms16-may
https://technet.microsoft.com/library/security/MS16-051
https://technet.microsoft.com/library/security/MS16-052
https://technet.microsoft.com/library/security/MS16-053
https://technet.microsoft.com/library/security/MS16-054
https://technet.microsoft.com/library/security/MS16-055
https://technet.microsoft.com/library/security/MS16-056
https://technet.microsoft.com/library/security/MS16-057
https://technet.microsoft.com/library/security/MS16-058
https://technet.microsoft.com/library/security/MS16-059
https://technet.microsoft.com/library/security/MS16-060
https://technet.microsoft.com/library/security/MS16-061
https://technet.microsoft.com/library/security/MS16-062
https://technet.microsoft.com/library/security/MS16-064
https://technet.microsoft.com/library/security/MS16-065
https://technet.microsoft.com/library/security/MS16-066
https://technet.microsoft.com/library/security/MS16-067
https://www.us-cert.gov/ncas/current-activity/2016/05/10/Microsoft-Releases-May-2016-Security-Bulletin
https://www.hkcert.org/my_url/en/alert/16051101
https://www.hkcert.org/my_url/en/alert/16051102
https://www.hkcert.org/my_url/en/alert/16051103
https://www.hkcert.org/my_url/en/alert/16051104
https://www.hkcert.org/my_url/en/alert/16051105
https://www.hkcert.org/my_url/en/alert/16051106
https://www.hkcert.org/my_url/en/alert/16051107
https://www.hkcert.org/my_url/en/alert/16051108
https://www.hkcert.org/my_url/en/alert/16051109
https://www.hkcert.org/my_url/en/alert/16051110
https://www.hkcert.org/my_url/en/alert/16051111
https://www.hkcert.org/my_url/en/alert/16051112
https://www.hkcert.org/my_url/en/alert/16051113
https://www.hkcert.org/my_url/en/alert/16051114
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0168 (to CVE-2016-0171)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0173 (to CVE-2016-0176)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0178 (to CVE-2016-0198) 



Tag: Edge , Internet Explorer , Microsoft Office , Windows Server , Windows , SharePoint , Microsoft
Tags