September Patch Tuesday: Browser, Exchange, Office Bugs Dominate

The second Tuesday of the month is here, which means one thing – new patches from Microsoft. Compared to recent months, September’s batch of patches is slightly larger with 14 bulletins in all, evenly split between Critical and Important ones.

The seven Critical vulnerabilities allow for remote code execution by an attacker via multiple Microsoft products:

In general, these vulnerabilities can be exploited via common methods, i.e., opening a malicious website, document, or script. The Exchange Server vulnerability is worth calling out, though: it can be exploited via a specially crafted email message. While not a new threat, this vector is relatively uncommon, and system administrators should be aware of this slight oddity in this month’s patches.

The remaining Important bulletins cover a variety of products as well, including Silverlight, the SMBv1 server, and the Windows PDF library. These allow for less risky cases of code execution and/or information disclosure.

As one may have noted earlier, the Critical bulletins included a patch for Adobe Flash Player. In sync with Patch Tuesday, Adobe also released bulletins for its own products, including Flash Player (APSB16-29). This bulletin fixes 26 distinct vulnerabilities in the popular plug-in, and raises the current version to 22.0.0.211.

We recommend that users update their installed software as soon as is practical for their organizations.

Trend Micro researchers took part in the discovery of the following vulnerabilities and/or security improvements:

  • CVE-2016-3351 (MS16-104, MS16-105)
  • Defense in depth for MS16-105

The following vulnerabilities were disclosed via Trend Micro’s Zero Day Initiative (ZDI):

  • CVE-2016-3247 (MS16-104, MS16-105)
  • CVE-2016-3292 (MS16-104)
  • CVE-2016-3294 (MS16-105)
  • CVE-2016-3295 (MS16-104, MS16-105)
  • CVE-2016-3353 (MS16-104)
  • CVE-2016-3365 (MS16-107)
  • CVE-2016-3376 (MS16-116)
  • CVE-2016-3377 (MS16-105)
  • CVE-2016-4276 (APSB16-29)

Trend Micro Solutions

Trend Micro Deep Security and Vulnerability Protection protect user systems from any threats that may target these Microsoft vulnerabilities via the following DPI rules:

  • 1007920—Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
  • 1007921—Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
  • 1007922—Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
  • 1007923—Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
  • 1007924—Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
  • 1007925—Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
  • 1007926—Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
  • 1007927—Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)
  • 1007928—Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
  • 1007929—Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
  • 1007930—Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
  • 1007931—Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
  • 1007933—Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3305)
  • 1007934—Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3306)
  • 1007935—Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
  • 1007936—Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
  • 1007937—Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
  • 1007938—Microsoft GDI Elevation Of Privilege Vulnerability (CVE-2016-3355)
  • 1007939—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
  • 1007940—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3358)
  • 1007941—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3359)
  • 1007942—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3360)
  • 1007943—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3362)
  • 1007944—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3363)
  • 1007945—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3364)
  • 1007946—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3365)
  • 1007947—Microsoft Office Memory Corruption Vulnerability (CVE-2016-3381)

TippingPoint customers are protected from attacks exploiting these vulnerabilities with the following MainlineDV filters:

  • 39131: HTTP: Microsoft PowerPoint Bitmap Memory Corruption Vulnerability
  • 39132: HTTP: Microsoft Internet Explorer and Edge Font Memory Corruption Vulnerability
  • 39135: Kerberos: Microsoft Windows Kerberos NTLM Fallback Authentication Bypass Vulnerability
  • 39136: HTTP: Microsoft Edge Proxy Type Confusion Vulnerability
  • 39137: HTTP: Microsoft Edge PDF Information Disclosure Vulnerability
  • 39138: HTTP: Microsoft Edge PDF Information Disclosure Vulnerability
  • 39141: HTTP: Microsoft Windows Win32k ValidateZorder Memory Corruption Vulnerability
  • 39143: HTTP: Microsoft Internet Explorer TextDecoration Information Disclosure Vulnerability
  • 39145: HTTP: Microsoft Windows Win32k NtGdiQueryFonts Information Disclosure
  • 39146: HTTP: Microsoft Windows Ntoskrnl Session Hijacking Vulnerability
  • 39147: HTTP: Microsoft Windows Ntoskrnl Session Hijacking Vulnerability
  • 39148: HTTP: Microsoft Windows NtLoadKeyEx Privilege Escalation Vulnerability
  • 39149: HTTP: Microsoft Windows Application Hive Privilege Escalation Vulnerability
  • 39150: HTTP: Microsoft Excel Binary Use-After-Free Vulnerability
  • 39151: HTTP: Microsoft Windows Win32k-GDI Buffer Overflow Vulnerability
  • 39152: HTTP: Microsoft Excel Information Disclosure Vulnerability
  • 39153: HTTP: Microsoft Internet Explorer and Edge wininet.dll Information Disclosure Vulnerability
  • 39154: HTTP: Microsoft Office DLL Hijacking Vulnerability
  • 39155: HTTP: Microsoft Excel Binary Workbook Use-After-Free Vulnerability
  • 39157: HTTP: Microsoft Excel Binary Memory Corruption Vulnerability
  • 39158: HTTP: Microsoft Internet Explorer and Edge CSS Information Disclosure Vulnerability (ZDI-16-513)
  • 39159: HTTP: Microsoft Excel Binary Memory Corruption Vulnerability
  • 39161: HTTP: Microsoft Excel Binary Memory Corruption Vulnerability
  • 39162: HTTP: Microsoft PowerPoint ppcore Memory Corruption Vulnerability
  • 40712: HTTP: Microsoft Internet Explorer and Edge mimeType Information Disclosure Vulnerability
  • 40713: HTTP: Microsoft Internet Explorer VBScript ADODB.Connection Use-After-Free Vulnerability
  • 40714: SMB: Microsoft Windows NTLM Information Disclosure Vulnerability
  • 40715: HTTP: Microsoft Internet Explorer Protected Mode Sandbox Escape Vulnerability (ZDI-16-510)

Post from: Trendlabs Security Intelligence Blog – by Trend Micro

Story added 15. September 2016, content source with full text you can find at link above.