February’s Patch Tuesday is already a fact. Let’s see what the 13 security bulletins just released by Microsoft are all about.
First off, MS16-FEB has taken care of flaws in Windows, Internet Explorer and Windows 10’s browser Edge. Six of the patches are critical and, not surprisingly, they address remote code execution vulnerabilities.
Preceding Patch Tuesdays:
January 12
December 8
November 10
One update that shouldn’t be neglected is the cumulative one for Internet Explorer – KB 3134220. However, not much is said about the specifics of fixed vulnerabilities. The same goes to the rest of the updates’ descriptions. Scarcity is what describes them best. Nonetheless, let’s hope nothing goes wrong while updating, or afterwards for that matter.
Cumulative Security Update for Internet Explorer – KB 3134220
This update is considered critical and it requires restart.
Official description:
This security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Internet Explorer.
More (not really relevant) information about KB 3134220 is available on Microsoft Support page.
Cumulative Security Update for Microsoft Edge – KB 3134225
This update is also critical and requires restart.
Official description:
This security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.
Security update for Microsoft Windows PDF Library to address remote code execution – KB 3138938
Another critical update that may require restart.
Official description:
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if Microsoft Windows PDF Library incorrectly handles application programming interface (API) calls. This could allow an attacker to run arbitrary code on the user’s system. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights. However, an attacker would be unable to force users to download or open a malicious PDF document.
Security Update for Windows Journal to Address Remote Code Execution – KB 3134811
A critical update that addresses remote code execution and may require restart after installation.
Official description:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Security Update for Microsoft Office to Address Remote Code Execution – 3134226
A critical update that may require restart.
Official description:
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Security Update for Adobe Flash Player – KB 3135782
A critical update that resolve remote code execution and requires restart.
Official description:
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
Security Update for Microsoft Windows to Address Remote Code Execution – KB 3134228
This update is classified as important. It addresses remote code execution flaws in Windows. It would be nice if more information is provided about updates resolving flaws in Windows.
Official description:
This security update resolves vulnerabilities in Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.
Security Update for WebDAV to Address Elevation of Privilege – KB 3136041
An important update that resolves elevation of privilege issues, and may require restart.
Official description:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker uses the Microsoft Web Distributed Authoring and Versioning (WebDAV) client to send specifically crafted input to a server.
Security Update for Remote Desktop Display Driver to Address Elevation of Privilege – KB 3134700
An important update that resolves elevation of privilege issues, requires restart.
Official description:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an authenticated attacker logs on to the target system using RDP and sends specially crafted data over the connection. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege – KB 3136082
An important update that addresses elevation of privilege and requires restart.
Official description:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
Security Update for .NET Framework to Address Denial of Service – KB 3137893
An important update that addresses denial of service flaws, and may require restart.
Official description:
This security update resolves vulnerabilities in Microsoft .NET Framework. The more severe of the vulnerabilities could cause denial of service if an attacker inserts specially crafted XSLT into a client-side XML web part, causing the server to recursively compile XSLT transforms.
Security Update for Active Directory Federation Services to Address Denial of Service – KB 3134222
An important update that addresses denial of service flaws, and may require restart.
Official description:
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow denial of service if an attacker sends certain input data during forms-based authentication to an ADFS server, causing the server to become nonresponsive.
Security Update for NPS RADIUS Server to Address Denial of Service – KB 3133043
An important update that addresses denial of service flaws, and may require restart.
Official description:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could cause denial of service on a Network Policy Server (NPS) if an attacker sends specially crafted username strings to the NPS, which could prevent RADIUS authentication on the NPS.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: