Information Security News
Today, Microsoft released a total of 9 security bulletins. 5 of the bulletins are rated critical, the rest are rated important.
You can find our usual summary here: https://isc.sans.edu/mspatchdays.html?viewday=2016-08-09 (or via the API in various parsable formats)
Some of the highlights:
MS16-095/096: The usual Internet Explorer and Edge patches. Microsoft addresses nine vulnerabilities for Internet Explorer, and 8 for Edge. Note that there is a lot of overlap. Kind of makes you wonder how much Edge differs from Internet Explorer.
MS16-097: This patches three vulnerabilities in Microsoft Windows Graphics Component. The vulnerabilities can be reached via Skype for Business or Lync.
MS16-098: 4 more privilege escalation flaws in Windows kernel mode drivers.
MS16-099: This update patches five vulnerabilities in Microsoft Office. Note that Office for the Mac is affected as well. So is the Word Viewer.
MS16-100: The patch fixes a vulnerability that would allow bypassing of Secure Boot. Note that this update MAY affect dual boot of systems that use operating systems other than Windows.
MS16-101: Two similar vulnerabilities, affecting Kerberos and Netlogon, are addressed in this update. Exploitation could lead to privilege escalation.
MS16-102: In recent versions of Windows, Microsoft started to use its own PDF library. Sadly, it is vulnerable just like any other PDF library, and this update addresses one new vulnerability. Note that Microsoft does provide hints in the bulletin about how to disable rendering of PDFs in Edge. I am not sure if this is a good idea, but something you may want to consider.
MS16-103: This vulnerability only affects the Universal edition of Outlook, and could lead to data leakage.
My Patch Priority:
(I see it as really three groups: 1-5: remote code execution vulnerabilities, 6-7: Privilege Escalation, 8-9: others... Within each group it is difficult to prioritize)
by Tom Mendelsohn
Juniper Networks has found and mostly patched a flaw in the way the firmware on its routers processes IPv6 traffic, which allowed malicious users to simulate Direct Denial of Service attacks.
The vulnerability, which seems to be common to all devices processing IPv6 addresses, meant that purposely crafted neighbour discovery packets could be used to flood the routing engine from a remote or unauthenticated source, causing it to stop processing legitimate traffic, and leading to a DDoS condition.
According to Juniper's advisory report: