SIA Alert - Microsoft Patch Tuesday - 2/9/16

Microsoft brought us 13 patches this month, six of them rated ‘Critical’ on the MS scale. All six resolve RCE (remote code execution) problems in Flash Player, Office, Windows Journal, the PDF Library, Edge, and Internet Explorer. The rest deal with elevation of privilege, denial of service, and security feature bypass vulnerabilities.

Here are the individual security bulletins along with hot links to Microsoft’s technical description of each:

Bulletin	KB	Severity	Impact	Title
MS16-022	3135782	Critical	Remote Code Execution	Security Update for Adobe Flash Player
MS16-021	3133043	Important	Denial of Service	Security Update for NPS RADIUS Server to Address Denial of Service
MS16-020	3134222	Important	Denial of Service	Security Update for Active Directory Federation Services to Address Denial of Service
MS16-019	3137893	Important	Denial of Service	Security Update for .NET Framework to Address Denial of Service
MS16-018	3136082	Important	Elevation of Privilege	Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege
MS16-017	3134700	Important	Elevation of Privilege	Security Update for Remote Desktop Display Driver to Address Elevation of Privilege
MS16-016	3136041	Important	Elevation of Privilege	Security Update for WebDAV to Address Elevation of Privilege
MS16-015	3134226	Critical	Remote Code Execution	Security Update for Microsoft Office to Address Remote Code Execution
MS16-014	3134228	Important	Remote Code Execution	Security Update for Microsoft Windows to Address Remote Code Execution
MS16-013	3134811	Critical	Remote Code Execution	Security Update for Windows Journal to Address Remote Code Execution
MS16-012	3138938	Critical	Remote Code Execution	Security Update for Microsoft Windows PDF Library to Address Remote Code Execution
MS16-011	3134225	Critical	Remote Code Execution	Cumulative Security Update for Microsoft Edge
MS16-009	3134220	Critical	Remote Code Execution	Cumulative Security Update for Internet Explorer

A complete description of the February Patch Tuesday releases can be found at the following Microsoft TechNet site:  https://technet.microsoft.com/library/security/ms16-Feb?f=255&MSPPError=-2147217396

Quotes of the Month:

"A fool thinks himself to be wise, but a wise man knows himself to be a fool." - William Shakespeare

"Learn from the mistakes of others. You can never live long enough to make them all yourself." --Groucho Marx

Tip of the Month:

There have been more regions of the country that are seeing forced Windows 10 updates through the Microsoft Update site.

Initially, the update was listed as optional, and on some systems, it still is. However, more systems that are set to Auto Updates have seen the operating system update listed as mandatory, and the user is not given the choice to opt out. This is happening on Windows 7 and 8/8.1 Home versions as well as some Windows 7 Pro versions, including domain joined systems. So far, we have not heard of it happening on Enterprise versions, which must be purchased through Microsoft’s Open Licensing Program (OLP).

If you do not want to update to Windows 10, we now recommend you turn off Auto Updates, and hide any Windows 10 update notification. Once you hide it, you will not see it again. To turn off Auto Updates, go to Windows Update in Control Panel and click on Settings in the left column. On Important Updates in the drop down, click on ‘Check for updates but let me choose whether to download and install them.’

If you see the Windows 10 update, right click on it and choose the hide option. If you don’t see it, keep looking for it each new update cycle to make sure they don’t sneak it in. Also, If you don’t see the hide option in the drop down, try restarting the Windows Update application, or as a last resort, reboot and try again.

Also make sure you place a check mark in Recommended updates, so it also checks for those updates.

Of course, you will then have to remember to manually update both Important as well as Recommended updates after each Patch Tuesday, but at least you will be in control, not Microsoft.

Also, to remove the Windows 10 nag that may have appeared in the lower right taskbar, go to Windows Update and View History. Search for and remove KB3035583 which is the responsible bulletin. Then the next time your run Windows Update, when KB3035583 reappears, hide the update, and you should be rid of it.