Security News

Microsoft Security Bulletin Coverage (Aug 9, 2016)

By

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of Aug 9, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS16-095 Cumulative Security Update for Internet Explorer

  • CVE-2016-3288 Internet Explorer Memory Corruption Vulnerability
    SPY:1082 ” Malformed-File html.MP.62″
  • CVE-2016-3289 Microsoft Browser Memory Corruption Vulnerability
    IPS:11781 ” Microsoft Browser Memory Corruption Vulnerability (MS16-095) “
  • CVE-2016-3290 Internet Explorer Memory Corruption Vulnerability
    IPS:11782 ” Internet Explorer Memory Corruption Vulnerability (MS16-095) “
  • CVE-2016-3293 Microsoft Browser Memory Corruption Vulnerability
    IPS:11783 ” Microsoft Browser Memory Corruption Vulnerability (MS16-095) 2″
  • CVE-2016-3321 Internet Explorer Information Disclosure Vulnerability
    IPS:11784 ” Internet Explorer Information Disclosure Vulnerability (MS16-095) 2 “
  • CVE-2016-3322 Internet Explorer Security Feature Bypass Vulnerability
    SPY:1076 ” Malformed-File html.MP.60_3 “
  • CVE-2016-3326 Microsoft Browser Information Disclosure Vulnerability
    IPS:11787 ” Microsoft Browser Information Disclosure Vulnerability (MS16-096) “
  • CVE-2016-3327 Microsoft Browser Information Disclosure Vulnerability
    SPY:1087 ” Malformed-File swf.MP.477 “
  • CVE-2016-3329 Microsoft Browser Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS16-096 Cumulative Security Update for Microsoft Edge

  • CVE-2016-3289 Microsoft Browser Memory Corruption Vulnerability
    IPS:11781 ” Microsoft Browser Memory Corruption Vulnerability (MS16-095) “
  • CVE-2016-3293 Microsoft Browser Memory Corruption Vulnerability
    IPS:11783 ” Microsoft Browser Memory Corruption Vulnerability (MS16-095) 2″
  • CVE-2016-3296 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3319 Microsoft PDF Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3322 Internet Explorer Security Feature Bypass Vulnerability
    SPY:1076 ” Malformed-File html.MP.60_3 “
  • CVE-2016-3326 Microsoft Browser Information Disclosure Vulnerability
    IPS:11787 ” Microsoft Browser Information Disclosure Vulnerability (MS16-096) “
  • CVE-2016-3327 Microsoft Browser Information Disclosure Vulnerability
    SPY:1087 ” Malformed-File swf.MP.477 “
  • CVE-2016-3329 Microsoft Browser Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS16-097 Security Update for Microsoft Graphics Component

  • CVE-2016-3301 Windows Graphics Component RCE Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3303 Windows Graphics Component RCE Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3304 Windows Graphics Component RCE Vulnerability
    There are no known exploits in the wild.

MS16-098 Security Update for Windows Kernel-Mode Drivers

  • CVE-2016-3308 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-3309 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-3310 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-3311 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-099 Security Update for Microsoft Office

  • CVE-2016-3313 Microsoft Office Memory Corruption Vulnerability
    SPY:1079 ” Malformed-file doc.MP.41 “
  • CVE-2016-3
    315     Microsoft OneNote Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3316 Microsoft Office Memory Corruption Vulnerability
    SPY:1083 ” Malformed-file doc.MP.42 “
  • CVE-2016-3317 Microsoft Office Memory Corruption Vulnerability
    SPY:1084 ” Malformed-File rtf.MP.14 “
  • CVE-2016-3318 Graphics Component Memory Corruption Vulnerability
    SPY:1085 ” Malformed-File rtf.MP.15″

MS16-100 Security Update for Secure Boot

  • CVE-2016-3320 Secure Boot Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

MS16-101 Security Update for Windows Authentication Methods

  • CVE-2016-3237 Kerberos Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3300 NetLogon Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS16-102 Security Update for Microsoft Windows PDF Library

  • CVE-2016-3319 Microsoft PDF Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-103 Security Update for ActiveSyncProvider

  • CVE-2016-3312 Universal Outlook Information Disclosure Vulnerability
    There are no known exploits in the wild.
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
CA Backup Message Engine DoS (June 25, 2009)
JURASIK Ransomware actively spreading in the wild
Increase in Andromeda botnet spam (April 26, 2013)
Cryptowall 4.0 emerges with new features (Nov 6, 2015)
Google Groups controlled Trojan (Sep 18, 2009)
Google Apps URI Argument Injection (Oct 16, 2009)
Apache HTTPD mod_proxy Security Bypass (Dec 2, 2011)
Recent Flash zero day (CVE-2016-4117) attacks spotted in the wild (May 24,2016)