December 2016 – Microsoft Security Update

By | February 8, 2017

Microsoft Security Updates and Problems (December 2016)

The release date for this bulletin is the 13th December 2016.

The Microsoft updates or patches listed below will require a restart of services or server in order to be applied effectively.

The severity ratings are Critical and Important  whereas the vulnerability impact includes remote code execution, elevation of privileges and information disclosure.

Bulletin  number Title Security Update Description
MS16-155

Security Update for .NET Framework (3205640)

This security update resolves a vulnerability in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. A security vulnerability exists in Microsoft .NET Framework 4.6.2 that could allow an attacker to access information that is defended by the Always Encrypted feature.
MS16-154

Security Update for Adobe Flash Player (3209498)

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
MS16-153

Security Update for Common Log File System Driver (3207328)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to bypass security measures on the affected system allowing further exploitation.
MS16-152

Security Update for Windows Kernel (3199709)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows kernel improperly handles objects in memory.
MS16-151

Security Update for Windows Kernel-Mode Drivers (3205651)

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
MS16-150

Security Update for Secure Kernel Mode (3205642)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if a locally-authenticated attacker runs a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL).
MS16-149

Security Update for Microsoft Windows (3205655)

This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application.
MS16-148

Security Update for Microsoft Office (3204068)

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS16-147

Security Update for Microsoft Uniscribe (3204063)

This security update resolves a vulnerability in Windows Uniscribe. The vulnerability could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS16-146

Security Update for Microsoft Graphics Component (3204066)

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS16-145

Cumulative Security Update for Microsoft Edge (3204062)

This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
MS16-144

Cumulative Security Update for Internet Explorer (3204059)

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft Problems with Security Updates (December 2016)

The Below table gives a brief summary of the applications or software which are vulnerable to attack if updates are not implemented.

Note: If  require more information on the Microsoft Problems with solutions please click on the Bulletin numbers below.

Date Bulletin number Title Affected Software
13-Dec-16

MS16-155

Security Update for .NET Framework (3205640) Microsoft Windows
13-Dec-16

MS16-154

Security Update for Adobe Flash Player (3209498) Microsoft Windows
13-Dec-16

MS16-153

Security Update for Common Log File System Driver (3207328) Microsoft Windows
13-Dec-16

MS16-152

Security Update for Windows Kernel (3199709) Microsoft Windows
13-Dec-16

MS16-151

Security Update for Kernel-Mode Driver (3205651) Microsoft Windows
13-Dec-16

MS16-150

Security Update for Windows Secure Kernel Mode (3205642) Microsoft Windows
13-Dec-16

MS16-149

Security Update for Windows (3205655) Microsoft Windows
13-Dec-16

MS16-148

Security Update for Microsoft Office (3204068) Microsoft Windows
Microsoft Office
13-Dec-16

MS16-147

Security Update for Microsoft Uniscribe (3204063) Microsoft Windows
13-Dec-16

MS16-146

Security Update for Microsoft Graphics Component (3204066) Microsoft Windows
13-Dec-16

MS16-145

Cumulative Security Update for Microsoft Edge (3204062) Microsoft Windows
Microsoft Edge
13-Dec-16

MS16-144

Cumulative Security Update for Internet Explorer (3204059) Microsoft Windows
Internet Explorer

Microsoft Problems and Solutions for the months of 2016 (click below)

Jan-16 Feb-16 Mar-16 Apr-16 May-16 Jun-16 Jul-16 Aug-16 Sep-16 Oct-16 Nov-16 Dec-16

Leave a Reply

Your email address will not be published. Required fields are marked *