With more than 40 vulnerabilities fixed across its products, including flaws rated critical in Windows, Internet Explorer, Edge and Office, Microsoft is pushing out particularly important security updates that should be applied without delay.
Since Patch Tuesday no longer really exists as such and updates for Windows 10 are enabled by default, Microsoft now pushes its latest patches every month to correct its main security vulnerabilities. This is the case again with this wave of patches, which fixes 40 vulnerabilities, six of which are rated critical.
These vulnerabilities are covered in sixteen security bulletins, bringing the total number of security bulletins for the last six months to 160, a record for the last decade. Enterprises running Windows servers should urgently test and schedule the installation of the patch addressing a critical vulnerability in the Microsoft DNS Server component (bulletin MS16-071). Attackers can exploit this flaw by sending specially crafted DNS queries to compromise a Windows Server 2012 or 2012 R2 system configured as a DNS server.
Update to be applied without delay
“The impact of this vulnerability is extremely worrying on a mission-critical service such as DNS,” Wolfgang Kandek, CTO of security provider Qualys, said in a blog post. “Companies that run their DNS server on the same machine as their directory service should be doubly aware of the danger of this vulnerability.”
The critical bulletins for Internet Explorer and Edge, namely MS16-063 and MS16-068, are also high on the priority list because they block remote code execution that can be triggered simply by browsing to a specially crafted website.
Code injection from Outlook
On the list of critical security bulletins is MS16-070, which affects Microsoft’s office suite; Office applications are a prime target for attackers, who in particular push malicious attachments. W. Kandek believes that the most significant vulnerability in the Office bulletin is a remote code execution flaw (CVE-2016-0025) involving the Word RTF format. “RTF can be used to launch attacks from Outlook’s preview pane, enabled by default, without any user interaction,” he says.
Even if the other ten security bulletins are flagged as merely important, companies should evaluate them in their own environment: for some assets, patching may still be urgent.