[월:] 2016년 06월

MS16-081 – Important: Security Update for Active Directory (3160352) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (June 14, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Active Directory. The vulnerability could allow denial of service if an authenticated attacker creates multiple machine accounts. To exploit the vulnerability an attacker must have an account that has privileges to join machines to the domain. Source: MS16-081 – Important: Security Update for Active Directory (3160352) – Version: 1.0

MS16-075 – Important: Security Update for Windows SMB Server (3164038) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (June 14, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. Source: MS16-075 – Important: Security Update for Windows SMB Server (3164038) – Version: 1.0

MS16-069 – Critical: Cumulative Security Update for JScript and VBScript (3163640) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (June 14, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in the JScript and VBScript scripting engines in Microsoft Windows. The vulnerabilities could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Source: MS16-069 – Critical: Cumulative Security Update for JScript and VBScript (3163640) – Version: 1.0

MS16-078 – Important: Security Update for Windows Diagnostic Hub (3165479) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (June 14, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. Source: MS16-078 – Important: Security Update for Windows Diagnostic Hub (3165479) – Version: 1.0

MS16-063 – Critical: Cumulative Security Update for Internet Explorer (3163649) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (June 14, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Source: MS16-063 – Critical: Cumulative Security Update for Internet Explorer (3163649) – Version: 1.0