Vulnerability Summary for the Week of February 8, 2016 Please Note: • The vulnerabilities are cattegorized by their level of severity which is either High, Medium or Low. • The !" indentity number is the #ublicly $nown %& given to that #articular vulnerability. Therefore you can search the status of that #articular vulnerability using that %&. • The !'S (Common !ulnerability 'coring System) score is a standard scoring system used to determine the severity of the vulnerability. Multi#le Vulnerabilities in Microsoft Products Original %ssue Date: +ebruary ,-, .-,/ 'everity 0ating: High 'ystems 1ffected 2indows !ista 3/4 Edition 'ervice Pac$ . 2indows 5 for 6.7bit and 3/4 based 'ystems 'ervice Pac$ , 2indows 'erver .--8 for 6.7bit, 3/4 based 9 %tanium7based 'ystems 'ervice Pac$ . 2indows 'erver .--8 0. for 3/47based 'ystems 'ervice Pac$ , 2indows 'erver .--8 0. for 'ystems 'ervice Pac$ . 2indows 8.1 for 6.7bit and 3/4 based 'ystems 2indows 'erver .--8 for 6.7bit, 3/47based 9 %tanium7based 'ystems 'P . 2indows 'erver .--8 for 6.7bit and 3/47based 'ystems 'P . ('erver ore installation) 2indows 'erver .--8 0. for 3/47based 'ystems 'P , ('erver ore installation) 2indows ,- for 6.7bit and 3/4 based 'ystems 2indows ,- !ersion ,:,, for 6.7bit and 3/4 based 'ystems 2indows 'erver .-,. 2indows 'erver .-,. ('erver ore installation) 2indows 'erver .-,. 0. ('erver ore installation) Microsoft Office .--5 'P 6 Microsoft Office .-,- 'P . (6.7bit editions and /47bit editions) Microsoft "3cel .-,6 'P , (6.7bit editions and /47bit editions) Microsoft "3cel .-,6 0T 'P, Microsoft 2ord .-,6 0T 'P, Microsoft "3cel .-,/ (6.7bit edition and /47bit editions) Microsoft "3cel for Mac .-,, Microsoft 2ord for Mac .-,, Microsoft "3cel .-,/ for Mac Microsoft 2ord .-,/ for Mac Microsoft Office om#atibility Pac$ 'P6 Microsoft "3cel !iewer Microsoft 2ord !iewer "3cel 'ervices on Microsoft 'harePoint 'erver .--5 'P6 (6.7bit editions and /47bit editions) "3cel 'ervices on Microsoft 'harePoint 'erver .-,- 'P. "3cel 'ervices on Microsoft 'harePoint 'erver .-,6 'P, 2ord 1utomation 'ervices on Microsoft 'harePoint 'erver .-,6 'P, Microsoft Office 2eb 1##s .-,- 'P. Microsoft Office 2eb 1##s 'erver .-,6 'P, Microsoft 'harePoint 'erver .-,6 'P, Microsoft 'harePoint +oundation .-,6 'P, 1dobe +lash Player for Microsoft Edge and %nternet "3#lorer ,, 1dobe +lash Player Des$top 0untime 1%0 Des$top 0untime Overview Multi#le !ulnerabilities have been re#orted in various com#onents of Microsoft Products. &escri#tion The vulnerability notes released by "0T7%n with reference to Microsoft 'ecurity ;ulletins are given below: Microsoft 'ecurity ;ulletin 'everity "0T7%n !ulnerability Notes M',/7--<: umulative Security =#date for High %VN7.-,/7--6: %nternet "3#lorer Multi#le !ulnerabilities in Microsoft %nternet "3#lorer M',/7-,,: umulative Security =#date for High %VN7.-,/7--6/ Microsoft "dge Multi#le !ulnerabilities in Microsoft "dge M',/7-,.:Security =#date for Microsoft High %VN7.-,/7--65 2indows P&+ Library to 1ddress 0emote Multi#le vulnerabilities in Microsoft Code "3ecution 2indows 0eader and P&+ Library M',/7-,6:Security =#date for 2indows High %VN7.-,/7--68 >ournal to 1ddress 0emote Code "3ecution Microsoft 2indows >ournal 0emote Code "3ecution !ulnerability M',/7-,4:Security =#date for Microsoft High %VN7.-,/7--6< 2indows to 1ddress 0emote Code "3ecution Multi#le vulnerabilities in Microsoft 2indows M',/7-,::Security =#date for Microsoft High %VN7.-,/7--4- *ffice to 1ddress 0emote Code "3ecution Multi#le !ulnerabilities in Microsoft *ffice M',/7-,/:Security =#date for 2eb&1! to High %VN7.-,/7--4, 1ddress "levation of Privilege Microsoft 2indows 2eb&1V Privilege "scalation !ulnerability M',/7-,5:Security =#date for 0emote High %VN7.-,/7--4. &es$top &is#lay &river to 1ddress "levation Microsoft 2indows 0emote &es$top of Privilege Protocol Privilege "scalation !ulnerability M',/7-,8:Security =#date for 2indows Medium %VN7.-,/7--46 ?ernel7Mode &rivers to 1ddress "levation of Microsoft 2indows ?ernel7Mode &river Privilege Privilege "scalation Vulnerability M',/7-,<:Security =#date for .N"T Medium %VN7.-,/7--44 +ramewor$ to 1ddress &enial of Service Multi#le !ulnerabilities in Microsoft .Net +ramewor$ M',/7-.-:Security =#date for 1ctive Medium %VN7.-,/7--4: &irectory +ederation Services to 1ddress &enial of Service Vulnerability in 1ctive &enial of Service &irectory +ederation Services M',/7-.,:Security =#date for NPS 01&%=S Medium %VN7.-,/7--4/ Server to 1ddress &enial of Service &enial of Service Vulnerability in Microsoft 2indows NPS 01&%=S Server M',/7-..:Security =#date for 1dobe +lash High %VN7.-,/7--45 Player Multi#le !ulnerabilities in 1dobe +lash Player 'olution 1##ly a##ropriate #atches as mentioned in Microsoft 'ecurity ;ulletin +ebruary .-,/ htt#s:/@technet.microsoft.com@en7us@library/security/ms,/7feb.as#3 • Sources: Microsoft Cor#oration htt#s:/@technet.microsoft.com@en7us@library/security/ms,/7feb.as#3 Uganda Communications Commission – UGCERT Email: [email protected] Tel + 256 414 302 100/150 Toll Free: 0800 133 911 Website www.ug-cert.ug Face book / Twitter: UGCERT.