Skip navigation
Microsoft April 2016 Patch Tuesday comes with 6 Critical, 7 Important fixes

Microsoft April 2016 Patch Tuesday comes with 6 Critical, 7 Important fixes

Why BadLock might not be the worst in this batch

It's Patch Tuesday yet again, with 6 critical fixes and 7 marked important. A lot of the discussion today was about BadLock, which admits that its "yet another bug with a logo." But unlike HeartBleed and some other high priority security holes, experts are relatively unimpressed with the danger it presents. Tyler Reguly from Tripwire emailed over some particularly harsh comments. "There are a lot of topics that we could discuss instead of Badlock," he wrote, saying it was overhyped. "One of those topics would be MS16-039, which indicates two Win32K privilege escalations are being actively targeted."

He also noted something interesting on Flash:

Adobe and Microsoft are both shipping Flash updates but they are no longer synced with Adobe dropping a patch on Friday and Microsoft waiting 5 days before releasing their update. When multiple vendors are shipping the same product, the synchronization of updates is beneficial as it protects the details of the update until everyone can patch.

With Microsoft taking a firmer stance on Flash performance and security, Adobe has a lot if work ahead to prove its remaining value, even as it tries to transition customers to its HTML 5 offerings.

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating and Vulnerability Impact

Affected Software

 

 

 

MS16-037

Cumulative Security Update for Internet Explorer (3148531)

Critical 

Microsoft Windows,

 

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Remote Code Execution

Internet Explorer

MS16-038

Cumulative Security Update for Microsoft Edge (3148532)

Critical 

Microsoft Windows,

 

This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.

Remote Code Execution

Microsoft Edge

MS16-039

Security Update for Microsoft Graphics Component (3148522) 

Critical 

Microsoft Windows, Microsoft .NET Framework,

 

This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.

Remote Code Execution

Microsoft Office, Skype for Business,

 

 

 

Microsoft Lync.

MS16-040

Security Update for Microsoft XML Core Services (3148541) 

Critical 

Microsoft Windows

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user clicks a specially crafted link that could allow an attacker to run malicious code remotely to take control of the user’s system. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.

Remote Code Execution

MS16-041

Security Update for .NET Framework (3148789) 

Important 

Microsoft Windows,

 

This security update resolves a vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution if an attacker with access to the local system executes a malicious application.

Remote Code Execution

Microsoft .NET Framework

MS16-042

Security Update for Microsoft Office (3148775) 

Critical 

Microsoft Office,

 

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Remote Code Execution

Microsoft Office Services and Web Apps

MS16-044

Security Update for Windows OLE (3146706) 

Important 

Microsoft Windows

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. However, an attacker must first convince a user to open either a specially crafted file or a program from either a webpage or an email message.

Remote Code Execution

MS16-045

Security Update for Windows Hyper-V (3143118) 

Important 

Microsoft Windows

 

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

Remote Code Execution

MS16-046

Security Update for Secondary Logon (3148538) 

Important 

Microsoft Windows

 

This security update resolves a vulnerability in Microsoft Windows. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.

Elevation of Privilege

 

MS16-047

Security Update for SAM and LSAD Remote Protocols (3148527)

Important 

Microsoft Windows

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack. An attacker could then force a downgrade of the authentication level of the SAM and LSAD channels and impersonate an authenticated user.

Elevation of Privilege

 

MS16-048

Security Update for CSRSS (3148528)

Important 

Microsoft Windows

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker logs on to a target system and runs a specially crafted application.

Security Feature Bypass

 

MS16-049

Security Update for HTTP.sys (3148795)

Important 

Microsoft Windows

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a specially crafted HTTP packet to a target system.

Denial of Service

 

MS16-050

Security Update for Adobe Flash Player (3154132) 

Critical 

Microsoft Windows,

 

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.

Remote Code Execution

Adobe Flash Player

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish