Microsoft Critical Security Bulletins Summary – September 2016

Number: AV16-142
Date: 13 September 2016

Purpose

The purpose of this advisory is to bring attention to the monthly Microsoft Security Bulletin Summary for September 2016.

Assessment

The summary covers 14 bulletins (7 Critical and 7 Important), which addresses multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Microsoft Communications Platforms and Software, and Microsoft Office Services and Web Apps.

***Critical***
MS16-104 ; Cumulative Security Update for Internet Explorer (3183038)
MS16-105;; Cumulative Security Update for Microsoft Edge (3183043)
MS16-106;; Security Update for Microsoft Graphics Component (3185848)
MS16-107;; Security Update for Microsoft Office (3185852)
MS16-108;; Security Update for Microsoft Exchange Server (3185883)
MS16-116 ;;Security Update in OLE Automation for VBScript Scripting Engine (3188724)
MS16-117 ;;Security Update for Adobe Flash Player (3188128)

***Important***
MS16-109;; Security Update for Silverlight (3182373)
MS16-110;; Security Update for Windows (3178467)
MS16-111;; Security Update for Windows Kernel (3186973)
MS16-112;; Security Update for Windows Lock Screen (3178469)
MS16-113 ;;Security Update for Windows Secure Kernel Mode (3185876)
MS16-114; ;Security Update for SMBv1 Server (3185879)
MS16-115 ;;Security Update for Microsoft Windows PDF Library (3188733)

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

https://technet.microsoft.com/en-us/library/security/ms16-sep

Note to Readers

In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.

Please note, CCIRC PGP key has recently been updated.
http://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/_fl/CCIRCPublicPGPKey.txt

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: ps.communications-communications.sp@canada.ca

Date modified: