Home > Cyber News > From KB 3142015 to KB 3141780: MS Security Bulletin, March 2016

From KB 3142015 to KB 3141780: MS Security Bulletin, March 2016

patch-tuesday-sad-face-stforumPatch Tuesday for March 2016 is already a fact. Microsoft has just released 13 security bulletins, aimed at a total of 44 vulnerabilities. 5 of the updates are critical and are addressing remote code execution issues in Windows (such as Windows Media Player and Windows PDF library), Internet Explorer and Microsoft Edge.

Security Bulletins 2016:
Feb 9 Patch Tuesday
Jan 12 Patch Tuesday

Even though Microsoft says that none of the vulnerabilities have been exploited, patching is as crucial as always. Also, Windows users should not forget that after the updates installation, reboot of the system is required in most of the cases.

Here is a list of the software that has been patched
(via SecureList):

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Mail Library Loading Validation
  • Windows Adobe Type Manager Library OpenType Font Parsing (previously known as atmfd.dll)
  • Windows Media
  • Microsoft Office
  • Windows OLE supporting applications such as Microsoft Office (Asycfilt.dll, Ole32.dll, Oleaut32.dll, Olepro32.dll)
  • Windows Security Authority (seclogon.dll)
  • Multiple Drivers (KMD)
  • .Net Framework

As visible, Microsoft is addressing a dll sideloading vulnerability, which has been a problem for Microsoft for a long time. As pointed out by SecureList researchers, Microsoft has been patching dll pre/side-load issues since Win2k SP4. The current problem seems like a pathological case, requiring the use of Microsoft Mail, and a malicious OLE document to be opened for editing on a victim’s system.

Here Is the Full List of March 09, 2016 Security Bulletins

  • MS16-023 (Critical) – Cumulative Security Update for Internet Explorer – KB 3142015
  • MS16-024 (Critical) – Cumulative Security Update for Microsoft Edge – KB 3142019
  • MS16-025 (Important) – Security Update for Windows Library Loading to Address Remote Code Execution – KB 3140709
  • MS16-026 (Critical) – Security Update for Graphic Fonts to Address Remote Code Execution – KB 3143148
  • MS16-027 (Critical) – Security Update for Windows Media to Address Remote Code Execution – KB 3143146
  • MS16-028 (Critical) – Security Update for Microsoft Windows PDF Library to Address Remote Code Execution – KB 3143081
  • MS16-029 (Important) – Security Update for Microsoft Office to Address Remote Code Execution – KB 3141806
  • MS16-030 (Important) – Security Update for Windows OLE to Address Remote Code Execution – KB 3143136
  • MS16-031 (Important) – Security Update for Microsoft Windows to Address Elevation of Privilege – KB 3140410
  • MS16-032 (Important) – Security Update for Secondary Logon to Address Elevation of Privilege – KB 3143141
  • MS16-033 (Important) – Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege – KB 3143142
  • MS16-034 (Important) – Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege – KB 3143145
  • MS16-035 (Important) – Security Update for .NET Framework to Address Security Feature Bypass – KB 3141780

A Closer Look at KB 3142019, the Cumulative Security Update for Microsoft Edge

One update that needs to be installed as soon as possible is MS16-024, or KB 3142019, because 10 of 11 vulnerabilities discovered in it are critical. As we already wrote, the update addresses remote code execution. Such flaws can be exploited when an attacker loads a compromised website in Edge.

What does this mean? If the update hasn’t been installed, users that click on unknown and suspicious links are at risk. In Microsoft’s words, this means that:

The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Many security researchers believe that most of the vulnerabilities in March 2016 Patch Tuesday will be exploited in the wild.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share