August continues an ongoing trend with Microsoft's products: the majority of bulletins (5) address remote code execution (RCE), followed by elevation of privilege (2), security feature bypass (1) and information disclosure (1). All of this month's critical bulletins address remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Microsoft Office, Office Services and Web Apps, SharePoint, as well as Windows (client and server).
Looking back at the last year of security bulletins, a resounding trend has emerged and remains prominent: the majority of these bulletins address RCE. While Microsoft continues to actively work on resolving these issues, as witnessed in the overwhelming number of critical RCE bulletins, it is fighting an ongoing battle in which it is unable to permanently address these vulnerabilities, which predominantly affect consumer applications such as Edge, Internet Explorer, Microsoft Office and .NET. Unfortunately, this makes consumers one of the single largest attack vectors.
This month Microsoft resolves 27 vulnerabilities across 9 bulletins. For consumers, MS16-095, MS16-096, MS16-097 and MS16-102 are the bulletins to watch out for, addressing 14 vulnerabilities. For server users, no particular bulletin draws immediate attention, enabling the majority of server admins to roll out patches at a fairly leisurely pace. Fortunately, at this time no vulnerabilities are known to have been publicly disclosed or exploited in the wild.
Users should be wary of untrusted sources, as maliciously crafted content could allow an attacker to remotely execute code and gain the same rights as your user account. Your best protection against these threats is to patch your systems as quickly as possible. Administrators, be sure to review this month's bulletins and prioritize your deployment of this month's updates in accordance with your specific configuration. At a minimum, be sure to patch systems affected by critical bulletins (MS16-095, MS16-096, MS16-097, MS16-099 and MS16-102).
- CVE-2016-3288 (MS16-095)
- CVE-2016-3289 (MS16-095, MS16-096)
- CVE-2016-3290 (MS16-095)
- CVE-2016-3293 (MS16-095, MS16-096)
- CVE-2016-3321 (MS16-095)
- CVE-2016-3322 (MS16-095, MS16-096)
- CVE-2016-3326 (MS16-095, MS16-096)
- CVE-2016-3327 (MS16-095, MS16-096)
- CVE-2016-3329 (MS16-095, MS16-096)
- CVE-2016-3296 (MS16-096)
- CVE-2016-3319 (MS16-096, MS16-102)
- CVE-2016-3301 (MS16-097)
- CVE-2016-3303 (MS16-097)
- CVE-2016-3304 (MS16-097)
- CVE-2016-3308 (MS16-098)
- CVE-2016-3309 (MS16-098)
- CVE-2016-3310 (MS16-098)
- CVE-2016-3311 (MS16-098)
- CVE-2016-3313 (MS16-099)
- CVE-2016-3315 (MS16-099)
- CVE-2016-3316 (MS16-099)
- CVE-2016-3317 (MS16-099)
- CVE-2016-3318 (MS16-099)
- CVE-2016-3320 (MS16-100)
- CVE-2016-3237 (MS16-101)
- CVE-2016-3300 (MS16-101)
- CVE-2016-3312 (MS16-103)