Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Microsoft Patch Tuesday, January 2016

It's a new year and with it comes a fresh batch of CVEs. As expected this January's Patch Tuesday is the lightest month since last January with only 9 Bulletins with 18 unique CVEs. Several of the CVEs are shared between bulletins. Six of the bulletins are rated Critical with the other three rated Important. Internet Explorer and Microsoft Edge Web Browsers show up with two CVEs each, but only three of them are unique. CVE-2016-0002, a vulnerability in the VBScript scripting engine, is shared between Edge and IE and appears in its own bulletin MS16-003. The other Critical bulletins cover Microsoft Office, Silverlight and a remote code execution vulnerability in the Windows Kernel Mode Driver. Specifically the vulnerability rests in the Graphics Device Interface which could be exploited by a user browsing to a malicious website. Even though it's a light month, administrators should make sure that these updates are applied. Given that all of the critical vulnerabilities are in client software, this is a dangerous month for your average user.

Today also marks the End of Support for all Internet Explorer versions except the most current, Internet Explorer 11. If you are still using older versions of Internet Explorer, this is the time to upgrade.

MS16-001
CVE-2016-0002, CVE-2016-0005
Critical
Cumulative Security Update for Internet Explorer

This security update resolves vulnerabilities in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

This security update is rated Critical for Internet Explorer 7 (IE 7) through Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7) through Internet Explorer 11 (IE 11) on affected Windows servers.

 

MS16-002
CVE-2016-0003, CVE-2016-0024
Critical
Cumulative Security Update for Microsoft Edge

This security update resolves vulnerabilities in Microsoft Edge. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

This security update is rated Critical for Microsoft Edge on Windows 10.

 

MS16-003
CVE-2016-0002
Critical
Cumulative Security Update for JScript and VBScript to Address Remote Code Execution

This security update resolves a vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

This security update is rated Critical for affected versions of the VBScript scripting engine on supported editions of Windows Vista, Windows Server 2008, and Server Core installations of Windows Server 2008 R2.

 

MS16-004
CVE-2015-6117, CVE-2016-0010, CVE-2016-0011, CVE-2016-0012, CVE-2016-0035
Critical
Security Update for Microsoft Office to Address Remote Code Execution

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

See full Microsoft bulletin for affected versions of Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016

 

MS16-005
CVE-2016-0008, CVE-2016-0009
Critical
Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution

This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user visits a malicious website.

This security update is rated Critical for all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2; it is rated Important for all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows 10 Version 1511.

 

MS16-006
CVE-2016-0034
Critical
Security Update for Silverlight to Address Remote Code Execution

This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. An attacker would have no way to force users to visit a compromised website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email or instant message that takes users to the attacker's website.

This security update is rated Critical for Microsoft Silverlight 5 and Microsoft Silverlight 5 Developer Runtime when installed on Mac or all supported releases of Microsoft Windows

 

MS16-007
CVE-2016-0014, CVE-2016-0015, CVE-2016-0016, CVE-2016-0018, CVE-2016-0019, CVE-2016-0020
Important
Security Update for Microsoft Windows to Address Remote Code Execution

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.

This security update is rated Important for all supported releases of Microsoft Windows.

 

MS16-008
CVE-2016-0006, CVE-2016-0007
Important
Security Update for Kernel to Address Elevation of Privilege

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.

This security update is rated Important for all supported releases of Microsoft Windows.

 

MS16-010
CVE-2016-0029, CVE-2016-0030, CVE-2016-0031, CVE-2016-0032
Important
Security Update for Exchange server to Address Spoofing

This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow spoofing if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content.

This security update is rated Important for all supported editions of Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo