Weekly Patch and Update Summary for Week of March 11, 2016
By Taylor Sakuda on March 11, 2016
For all patches and updates listed below please use the appropriate updating methods for your system. It is advised that you patch and update your system as soon and possible.
Mozilla released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. These vulnerabilities may allow attackers to take control of an affected system. For more information please see Security Advisories for Firefox and Security Advisories for Firefox ESR.
Below is the list of updates:
- Firefox 45
- Firefox ESR 38.7
Adobe has released security updates to address multiple vulnerabilities in Flash Player, Acrobat, Reader, and Digital Editions. These vulnerabilities may allow attackers to take control of an affected system. For more information please see APSB16-09, APSB16-06 and APSB16-08
The Internet System Consortium (ISC) has released a security update to address a vulnerability in ISC Dynamic Host Configuration Protocol (DHCP). This vulnerability may allow attackers to cause a denial of service (dos). For more information please see AA-01354.
ISC also released updates to address multiple vulnerabilities in BIND. These Vulnerabilities may allow attackers to cause a denial of service. For more information, please see AA-01351, AA-01352, and AA-01353
Below is the list of updates:
- BIND 9 version 9.9.8-P4
- BIND 9 version 9.10.3-P4
- BIND 9 version 9.9.8-S6
Google has released security updates to address multiple vulnerabilities in Android. The update will be delivered via over the air (OTA). Nexus devices will receive the update first, with partner’s shorty after. The most severe vulnerability allows attackers to execute remote code through email, web browsing and MMS. For more information please see Nexus Security Bulletin – March 2016.
Google also released a security for Chrome to address multiple vulnerabilities for Windows Mac and Linux. These vulnerabilities may allow attackers to take control of an affected system. For more information please see Chrome Releases.
Apple has released a security update to address a vulnerability in Apple Software Update. This Vulnerability may allow attackers to take control of an affected system. For more information please see Apple Software Update 2.2V.
Microsoft has released security updates for to address multiple vulnerably in multiple versions of Windows and Windows Server. Vulnerabilities may allow attackers to execute remote code, elevate privilege or bypass security features. For more information please see Microsoft Security Bulletin Summary for March 2016.
Below is the list of updates:
- MS16-023: Cumulative Security Update for Internet Explorer (3142015)
- MS16-024: Cumulative Security Update for Microsoft Edge (3142019)
- MS16-025: Security Update for Windows Library Loading to Address Remote Code Execution (3140709)
- MS16-026: Security Update for Graphic Fonts to Address Remote Code Execution (3143148)
- MS16-027: Security Update for Windows Media to Address Remote Code Execution (3143146)
- MS16-028: Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081)
- MS16-029: Security Update for Microsoft Office to Address Remote Code Execution (3141806)
- MS16-030: Security Update for Windows OLE to Address Remote Code Execution (3143136)
- MS16-031: Security Update for Microsoft Windows to Address Elevation of Privilege (3140410)
- MS16-032: Security Update for Secondary Logon to Address Elevation of Privilege (3143141)
- MS16-033: Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142)
- MS16-034: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)
- MS16-035: Security Update for .NET Framework to Address Security Feature Bypass (3141780)
Canonical also released many security updates for their operating system Ubuntu. For more information please see Ubuntu security notices.
Below is the list of updates:
- USN-2920-1: Oxide vulnerabilities
- USN-2926-1: OTR vulnerability
- USN-2925-1: Bind vulnerabilities
- USN-2924-1: NSS vulnerability
- USN-2917-1: Firefox vulnerabilities
- USN-2923-1: BeanShell vulnerability
- USN-2922-1: Samba vulnerabilities
- USN-2904-1: Thunderbird vulnerabilities
- USN-2915-3: Django regression
- USN-2921-1: Squid vulnerabilities
- USN-2915-2: Django regression
-
Weekly Patch and Update Summary for Week of February 17, 2017
Weekly Patch and Update Summary for Week of February 17, 2017
2/21/2017 -
Weekly Patch and Update Summary for Week of November 18, 2016
Weekly Patch and Update Summary for Week of November 18, 2016
11/17/2016 -
Weekly Patch and Update Summary for Week of November 11, 2016
Weekly Patch and Update Summary for Week of November 11, 2016
11/10/2016