April 2016 Patch Tuesday Releases 13 Security Patches; Addresses the Badlock Vulnerability

13 security bulletins were released in this month’s Patch Tuesday addressing vulnerabilities in Internet Explorer, Microsoft Edge, Microsoft Office, and Microsoft XML Core Services, among others. Out of these bulletins, six are rated as ‘Critical’ while seven are tagged as ‘Important.’ Both MS16-037 and MS16-038 which fixed vulnerabilities in Internet Explorer and Edge respectively, could allow remote code execution when exploited successfully.

Perhaps, the most notable among the vulnerabilities resolved in this month’s Patch Tuesday is MS16-047, more popularly known as the Badlock vulnerability that has been circulating in the last few weeks. With all the hype, this vulnerability, which affects all Windows systems and Samba servers, only received an ‘Important’ rating. One of our researchers wrote a detailed entry debunking the hype surrounding this vulnerability.

Another notable ‘Critical’ bulletin (MS16-050) from the list was for Adobe Flash Player. One of the vulnerabilities it addressed, CVE-2016-1019 was used in zero-day attacks, prompting Adobe to release an out-of-band patch last week.

Speaking of Adobe, it also issued two bulletins this week to address security flaws in RoboHelp (APSB16-12) and Creative Cloud Desktop application for both Windows and Mac (APSB16-11). Users are highly recommended to apply these patches immediately on their systems.

Trend Micro solutions

Trend Micro Deep Security and Vulnerability Protection protect user systems from any threats that may leverage these vulnerabilities via the following DPI rules:

1007566-Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
1007548-Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0155)
1007547-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0166)
1007546-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0164)
1007563-Adobe Flash Player Use After Free Vulnerability (CVE-2016-1011)
1007568-Adobe Flash Player Use After Free Vulnerability (CVE-2016-1016)
1007561-Identified Windows DCERPC AUTH LEVEL CONNECT Password Validate Request
1007549-Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0156)
1007591-Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (CVE-2016-0160 and CVE-2016-0148)
1007555-Microsoft Office Memory Corruption Vulnerability (CVE-2016-0122)
1007550-Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0157)
1007557-Microsoft Office Memory Corruption Vulnerability (CVE-2016-0136)
1007584-SAMBA RPC Authentication Level Downgrade Vulnerability
1007554-Microsoft Windows MSXML Remote Code Execution Vulnerability (CVE-2016-0147)
1007565-Adobe Flash Player Use After Free Vulnerability (CVE-2016-1013)
1007539-Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128) – 1
1007551-Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0158)
1007570-Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1018)
1007567-Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1015)
1007531-Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128)
1007590-Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-1014)
1007564-Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1012)
1007592-Microsoft Windows DLL Loading Vulnerabilities Over Network Share (CVE-2016-0160 and CVE-2016-0148)
1007544-Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0154)
1007593-Identified SAMBA DCERPC AUTH LEVEL CONNECT Password Validate Request
1007556-Microsoft Office Memory Corruption Vulnerability (CVE-2016-0127)
1007562-Adobe Flash Player Security Bypass Vulnerability (CVE-2016-1006)
1007560-Microsoft Office Memory Corruption Vulnerability (CVE-2016-0139)
1007553-Microsoft Windows Graphics Memory Corruption Vulnerability (CVE-2016-0145)
1007552-Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0161)
1007586-SAMBA RPC Authentication Level Downgrade Vulnerability – 1
1007545-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0159)
1007569-Adobe Flash Player Use After Free Vulnerability (CVE-2016-1017)
1007558-Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)