Weekly Patch and Update Summary for Week of June 17, 2016

For all patches and updates listed below please use the appropriate updating methods for your system.  It is advised that you patch and update your system as soon as possible.

Microsoft

Microsoft has released their June 2016 Security Bulletin.  There are 16 updates that address multiple vulnerabilities across multiple products.  For more information please see Microsoft Security Bulletin Summary for June 2016.

List of Updates:

• MS16-082 Security Update for Microsoft Windows Search Component
• MS16-081 Security Update for Active Directory
• MS16-080 Security Update for Microsoft Windows PDF
• MS16-079 Security Update for Microsoft Exchange Server
• MS16-078 Security Update for Windows Diagnostic Hub
• MS16-077 Security Update for WPAD
• MS16-076 Security Update for Netlogon
• MS16-075 Security Update for Windows SMB Server
• MS16-074 Security Update for Microsoft Graphics Component
• MS16-073 Security Update for Windows Kernel-Mode Drivers
• MS16-072 Security Update for Group Policy
• MS16-071 Security Update for Microsoft Windows DNS Server
• MS16-070 Security Update for Microsoft Office
• MS16-069 Cumulative Security Update for JScript and VBScript
• MS16-068 Cumulative Security Update for Microsoft Edge
• MS16-063 Cumulative Security Update for Internet Explorer

Adobe

Adobe has released security updates to address vulnerabilities in DNG Software Development (SDK), Brackets, Creative Cloud Desktop Application and Cold Fusion.  These vulnerabilities may allow a remote attacker to gain control of a system.

List of Updates:

• APSB16-19 Adobe DNS Software Development Kit (SDK)
• APSB16-20 Brackets
• APSB16-21 Creative Cloud
• APSB16-22 Cold Fusion

Adobe has also released security updates to address vulnerabilities in Adobe Flash Player and Adobe AIR.  These vulnerabilities may allow a remote attacker to gain control of a system.  There have been limited attacks on specific targets using the critical vulnerability for Flash Player.

List of Updates:

• APSB16-18 Adobe Flash Player
• APSB16-23 Adobe Air

VMware

VMware has released security updates to address vulnerabilities in NSX, vCNS, vRealize Log Insight and vCenter Server.  These vulnerabilities may allow a remote attacker to gain control of a system.

List of Updates:

• VMSA-2016-0007
• VMSA-2016-0008
• VMSA-2016-0009

Google

Google has released Chrome version 51.0.2704.103.  This addresses many vulnerabilities for Windows, Mac and Linux.  These vulnerabilities may allow a remote attacker to gain control of a system.  Please see Chrome Releases for more information.

Cisco

Cisco has released security updates to address vulnerabilities in the web-based management interface for the following router models:

• RV110W
• RV130W
• RV215W

These vulnerabilities may allow a remote attacker to gain control of a system.

List of Updates:

• Arbitrary Code Execution Vulnerability
• Cross-Site Scripting Vulnerability
• HTTP Request Buffer Overflow Vulnerability 1
• HTTP Request Buffer Overflow Vulnerability 2

Ubuntu

Canonical has released many security updates for their operating system Ubuntu.  For more information please see Ubuntu Security Notices.

List of Updates:

• USN-3008-1: Linux kernel (Qualcomm Snapdragon) vulnerability
• USN-3007-1: Linux kernel (Raspberry Pi 2) vulnerabilities
• USN-3006-1: Linux kernel vulnerabilities
• USN-3005-1: Linux kernel (Xenial HWE) vulnerabilities
• USN-3004-1: Linux kernel (Raspberry Pi 2) vulnerabilities
• USN-3003-1: Linux kernel vulnerabilities
• USN-3002-1: Linux kernel (Wily HWE) vulnerabilities
• USN-3001-1: Linux kernel (Vivid HWE) vulnerabilities
• USN-3000-1: Linux kernel (Utopic HWE) vulnerabilities
• USN-2999-1: Linux kernel vulnerability
• USN-2998-1: Linux kernel (Trusty HWE) vulnerabilities
• USN-2997-1: Linux kernel (OMAP4) vulnerabilities