Number: AV16-043
Date: 8 March 2016
Purpose
The purpose of this advisory is to bring attention to the monthly Microsoft Security Bulletin Summary for March 2016.
Assessment
The summary covers 13 bulletins (5 Critical and 8 Important), which addresses multiple vulnerabilities in Microsoft .NET Framework, Microsoft Internet Explorer, Microsoft Edge, Microsoft Office, Microsoft Windows PDF Library, Windows USB Mass Storage Class Driver, Windows Kernel-Mode Drivers, Secondary Logon, and Windows Media.
***Critical***
- MS16-023 Cumulative Security Update for Internet Explorer (3142015)
- MS16-024 Cumulative Security Update for Microsoft Edge (3142019)
- MS16-026 Security Update for Graphic Fonts to Address Remote Code Execution (3143148)
- MS16-027 Security Update for Windows Media to Address Remote Code Execution (3143146)
- MS16-028 Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081)
***Important***
- MS16-025 Security Update for Windows Library Loading to Address Remote Code Execution (3140709)
- MS16-029 Security Update for Microsoft Office to Address Remote Code Execution (3141806)
- MS16-030 Security Update for Windows OLE to Address Remote Code Execution (3143136)
- MS16-031 Security Update for Microsoft Windows to Address Elevation of Privilege (3140410)
- MS16-032 Security Update for Secondary Logon to Address Elevation of Privilege (3143141)
- MS16-033 Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142)
- MS16-034 Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)
- MS16-035 Security Update for .NET Framework to Address Security Feature Bypass (3141780)
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
https://technet.microsoft.com/en-us/library/security/ms16-mar.aspx