February Patch Tuesday

By   ISBuzz Team
Writer , Information Security Buzz | Feb 11, 2016 06:30 pm PST

Microsoft has released their patches for the month of February. Security experts from Tripwire and Rapid7 have the following comments on it.

[su_note note_color=”#ffffcc” text_color=”#00000″]Tyler Reguly, Manager of Software Development at Tripwire:

“One of the best changes this month is that Adobe Flash Player embedded within Microsoft IE and Edge has finally received its own bulletin. Previously, Microsoft updated the same KB on a month by month basis with no defining elements. This is a welcome change and hopefully it bodes well for other areas where Microsoft continues to do this.

Active Directory Federation Services has seen increased usage across enterprises rolling out two-factor authentication. The vulnerability fixed in MS16-020 could mean increased downtime for said enterprises. This should likely rank high on the list of bulletins that enterprises will want to quickly test and deploy.”[/su_note]

[su_note note_color=”#ffffcc” text_color=”#00000″]Craig Young, Security Researcher at Tripwire:

“Today marks the twelfth RCE bug Microsoft is patching in Windows Journal in just 10 months. This is particularly interesting because before 2015, Windows Journal vulnerabilities were basically unheard of. While the increased scrutiny of Windows Journal may be an indication of Microsoft’s successes in the tablet space, it is important to remember that the flaw is not limited to tablets. In fact every piece of software installed on a computer adds to the potential attack surface even if that software is not frequently used.”[/su_note]

[su_note note_color=”#ffffcc” text_color=”#00000″]Adam Nowak, Active Lead Engineer, Rapid7:

“February continues this quarter’s trend with the majority of bulletins (7) addressing remote code execution (RCE) vulnerabilities; the remaining 6 evenly address denial of service (DOS) and elevation of privilege. All of the critical bulletins (MS16-009, MS16-011. MS16-012, MS16-013, MS16-015, MS16-022) are remote code execution issues affecting a variety of products and platforms include Edge, Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases of Microsoft Windows (Client and Server).

This month Microsoft resolves 36 vulnerabilities across 13 bulletins, with MS16-009, MS16-011, MS16-012, MS16-015 as the bulletins to watch out for, addressing 24 vulnerabilities. Since a wide range of products are affected this month almost all Microsoft users should be on alert. Fortunately at this time, no vulnerabilities are known to have been exploited.

Users should be wary of untrusted sources as maliciously crafted content could allow an attacked to remotely execute code in-order to gain the same rights as your user account. Your best protection against these threats is to patch as quickly as possible.”[/su_note]