vissha Posted August 9, 2016 Share Posted August 9, 2016 Microsoft Security Bulletins August 2016 The following overview provides you with information on all security bulletins and updates that Microsoft released in August 2016. Microsoft releases security patches on the second Tuesday of each month. This month, the updates were released on August 9, 2016. The overview begins with an executive summary listing the most important information. It is followed by the operating system distribution, and information about patches for other Microsoft products. What follows is a list of all security bulletins, security advisories and non-security patches that Microsoft released this month. The final part offers download instructions, and links to various resources for further information. Microsoft Security Bulletins August 2016 Executive Summary Microsoft published a total of 9 security bulletins in August 2016. 5 of the bulletins received an aggregate severity rating of critical, the remaining ones the second-highest rating of important. Affected products include all client and server Windows operating systems, Microsoft Office, Internet Explorer, Microsoft Edge, and Skype for Business 2016. Operating System Distribution All client and server operating systems are affected by at least one bulletin rated critically for the system. Windows 10 is affected by the most bulletins. This can be explained by the cumulative Microsoft Edge bulletin MS10-096 and the Windows PDF Library bulletin MS10-102. Windows 8.x is also affected by the latter but not by the former. Windows 10 is furthermore affected by MS16-103 rated important, while all other client operating systems are not. The situation looks identical on the server side of things. Windows Vista: 2 critical, 3 important Windows 7: 2 critical, 3 important Windows 8.1: 3 critical, 3 important Windows RT 8.1: 2 critical, 2 important Windows 10: 4 critical, 4 important Windows Server 2008: 1 critical, 3 important, 1 moderate Windows Server 2008 R2: 1 critical, 3 important, 1 moderate Windows Server 2012 and 2012 R2: 2 critical, 3 important, 1 moderate Server core: 2 critical, 3 important Other Microsoft Products Microsoft Office 2007, 2010: 2 important Microsoft Office 2013, 2013 RT, 2016: 1 critical Microsoft Office for Mac 2011, 2016: 1 critical Microsoft Word Viewer: 1 critical, 1 important Skype for Business 2016: 1 important Microsoft Lync 2010, 2013: 1 important Microsoft Live Meeting 2007 Console: 1 important Security Bulletins MS16-095 Cumulative Security Update for Internet Explorer (3177356) - Critical - Remote Code Execution This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. MS16-096 Cumulative Security Update for Microsoft Edge 3177358) - Critical - Remote Code Execution This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. MS16-097 Security Update for Microsoft Graphics Component (3177393) - Critical - Remote Code Execution This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution. MS16-098 Security Update for Windows Kernel-Mode Drivers (3178466) - Important - Elevation of Privilege This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system. MS16-099 Security Update for Microsoft Office (3177451) - Critical - Remote Code Execution This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. MS16-100 Security Update for Secure Boot (3179577) - Important - Security Feature Bypass This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker installs a policy affected by the vulnerability onto a target device. MS16-101 Security Update for Windows Authentication Methods (3178465) - Important - Elevation of Privilege This security update resolves multiple vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system. MS16-102 Security Update for Microsoft Windows PDF Library (3182248) - Critical - Remote Code Execution This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document. MS16-103 Security Update for ActiveSyncProvider (3182332) - Important - Information Disclosure This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Universal Outlook fails to establish a secure connection. Security advisories and updates Microsoft Security Advisory 3179528 Update for Kernel Mode Blacklist Microsoft is blacklisting some publicly released versions of securekernel.exe. Non-security related updates KB3176495, KB3176493, KB3176492 Windows 10 Version 1607 Cumulative Updates August 9, 2016 for the three different versions of windows 10 (Anniversary Update, Built 10586, and Build 10240) Lots of fixes, includes the security updates. All information on this page. KB3176929 Windows 10 Version 1607 Cumulative Update August 2, 2016 Update that includes a number of fixes and improvements. This includes Edge extension and background task improvement among other things. All changes are listed on this page. KB3161102 Update for Windows 8.1 and Windows 7 Update for Windows Journal component removal. This update lets users remove the Windows Journal component immediately. Users who require Windows Journal can install it as a standalone application by going here. KB3172605 July 2016 update rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Know issue affects Intel Bluetooth devices. The following changes are included in the update rollup: Improved support in Microsoft Cryptographic Application Programming Interface (CryptoAPI) to help identify websites that use Secure Hash Algorithm 1 (SHA-1). Addressed issue in Microsoft Secure Channel (SChannel) that sometime causes Transport Layer Security (TLS) 1.2 connections to fail depending on whether the root certificate is configured as part of the certificate chain for server authentication. KB3172614 Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 This update introduces a wide variety of updates (mostly fixes to existing issues). You find the all listed on this page. KB3035583 Update for Windows 8.1 and Windows 7 Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1 KB3172615 Update for Windows Embedded 8 Standard and Windows Server 2012 July 2016 update rollup for Windows Server 2012. The update fixes several issues and makes improvements to supported operating systems. The full list is accessible here. How to download and install the August 2016 security updates All security updates are made available on Windows Update. Windows home devices are configured by default to use Windows Update. Depending on the configuration, updates may be downloaded and installed automatically. The check for updates does not happen in real-time though. If you want to grab the updates right when they become available, do the following: Tap on the Windows-key on the computer keyboard, type Windows Update, and hit enter. This should open the Windows Update dialog. Windows may run a check for updates automatically, or after you click on the "check for updates" button or link. Updates that are found are either downloaded and installed automatically, or on user request. It is recommended to research all Windows updates before installing them on productive machines. The reason for this is that updates may break functionality or in the worst case prevent the system from booting at all. It is recommended to create a system backup prior to installing updates as well. Updates are also provided via Microsoft's Download Center, monthly Security ISO image releases, and via Microsoft's Update Catalog. Additional resources Microsoft Security Bulletin Summary for August 2016 List of software updates for Microsoft products List of security advisories of 2016 Our in-depth update guide for Windows Windows 10 Update History Source Link to comment Share on other sites More sharing options...
steven36 Posted August 9, 2016 Share Posted August 9, 2016 No problem updating to Windows 10 v1607 Build 1493.51 updates were already downloaded just had to install and reboot. Link to comment Share on other sites More sharing options...
Skunk1966 Posted August 9, 2016 Share Posted August 9, 2016 Quote KB3035583 Update for Windows 8.1 and Windows 7 Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1 I thought M$ was going to stop delivering this BS Link to comment Share on other sites More sharing options...
steven36 Posted August 9, 2016 Share Posted August 9, 2016 9 minutes ago, Skunk1966 said: I thought M$ was going to stop delivering this BS did you check updates on windows 7? ill go turn the laptop on and see and get back to you Link to comment Share on other sites More sharing options...
Skunk1966 Posted August 9, 2016 Share Posted August 9, 2016 9 minutes ago, steven36 said: did you check updates on windows 7? ill go turn the laptop on and see and get back to you just checked; not in list of updates on any of my machines (all W7 x64) Link to comment Share on other sites More sharing options...
OrbingStorm Posted August 9, 2016 Share Posted August 9, 2016 I haven't received the Anniversary update, yet alone all the fixes for it.No hurry though,the longer it takes maybe less problems it will have. Still angry they are stripping features from the pro edition in group policy. Link to comment Share on other sites More sharing options...
steven36 Posted August 9, 2016 Share Posted August 9, 2016 2 hours ago, Skunk1966 said: just checked; not in list of updates on any of my machines (all W7 x64) its still one update on windows 7 i hid were it checks to see if you're PC is compatible with newer versions of windows . Link to comment Share on other sites More sharing options...
Holmes Posted August 10, 2016 Share Posted August 10, 2016 There is a good chance that they are going to continue the get windows ten app with aniversary update released they released the redstone one update which means there going to want to urge users in a stronger way to get windows ten. Link to comment Share on other sites More sharing options...
steven36 Posted August 10, 2016 Share Posted August 10, 2016 As Skunk1966 pointed out the the source post has false info in it there's no GWX update in windows 7 no more , But there was a update to see if you're PC is compatible with Windows 10 still. Windows 10 is no longer a free upgrade so they have no reason to push GWX that ended last month but Telemetry has always existed in Windows . Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.