{"id":184992,"date":"2016-12-13T19:51:15","date_gmt":"2016-12-13T18:51:15","guid":{"rendered":"http:\/\/www.borncity.com\/blog\/?p=184992"},"modified":"2022-11-21T18:43:29","modified_gmt":"2022-11-21T17:43:29","slug":"microsoft-security-bulletin-zum-dezember-2016-patchday","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2016\/12\/13\/microsoft-security-bulletin-zum-dezember-2016-patchday\/","title":{"rendered":"Microsoft Security-Bulletin zum Dezember 2016-Patchday"},"content":{"rendered":"

\"WindowsAm 13. Dezember 2016 hat Microsoft diverse Sicherheits-Update f\u00fcr Windows, Office und weitere Microsoft-Produkte freigeben. Dazu sind auch Security Bulletins erschienen, die die Sicherheitsl\u00fccken beschreiben.<\/p>\n

<\/p>\n

\"\"Insgesamt werden 12 Security Bulletins f\u00fcr Dezember 2016 f\u00fcr Windows, Internet Explorer, Edge, Office, den Flash Player und das .NET Framework aufgelistet.<\/p>\n

Kritische Sicherheits-Updates f\u00fcr Windows (Dezember 2016)<\/h3>\n

MS16-144<\/a>: Cumulative Security Update for Internet Explorer (3204059)<\/strong>
\nThis security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.<\/p>\n

Critical, Restart required<\/p>\n

MS16-145<\/a>: Cumulative Security Update for Microsoft Edge (3204062)<\/strong>
\nThis security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.<\/p>\n

Critical, Restart required<\/p>\n

MS16-146<\/a>: Security Update for Microsoft Graphics Component (3204066)
\n<\/strong>This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.<\/p>\n

Critical, Restart required<\/p>\n

MS16-147<\/a>: Security Update for Microsoft Uniscribe (3204063)<\/strong>
\nThis security update resolves a vulnerability in Windows Uniscribe. The vulnerability could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.<\/p>\n

Critical, Restart required<\/p>\n

MS16-148<\/a>: Security Update for Microsoft Office (3204068)
\n<\/strong>This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.<\/p>\n

Critical<\/p>\n

Wichtige Sicherheits-Updates f\u00fcr Windows (November 2016)<\/h3>\n

MS16-149<\/a>: Security Update for Microsoft Windows (3205655)
\n<\/strong>This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application.<\/p>\n

Important, Restart required<\/p>\n

MS16-150<\/a>: Security Update for Secure Kernel Mode (3205642)
\n<\/strong>This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if a locally-authenticated attacker runs a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL).<\/p>\n

Important, Restart required<\/p>\n

MS16-151<\/a>: Security Update for Windows Kernel-Mode Drivers (3205651)
\n<\/strong>This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.<\/p>\n

Important, Restart required<\/p>\n

MS16-152<\/a>: Security Update for Windows Kernel (3199709)
\n<\/strong>This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows kernel improperly handles objects in memory.<\/p>\n

Important, Restart required<\/p>\n

MS16-153<\/a>: Security Update for Common Log File System Driver (3207328)
\n<\/strong>This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to bypass security measures on the affected system allowing further exploitation.<\/p>\n

Important, Restart required<\/p>\n

MS16-154<\/a>: Security Update for Adobe Flash Player (3209498)
\n<\/strong>This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.<\/p>\n

Important, Restart required<\/p>\n

MS16-155<\/a>: Security Update for .NET Framework (3205640)
\n<\/strong>This security update resolves a vulnerability in Microsoft .NET 4.6.2 Framework's Data Provider for SQL Server. A security vulnerability exists in Microsoft .NET Framework 4.6.2 that could allow an attacker to access information that is defended by theAlways Encrypted<\/a> feature.<\/p>\n

Eine \u00dcbersicht der Updates wurde von Microsoft auf der Webseite Microsoft Security Bulletin Summary for December 2016<\/a> ver\u00f6ffentlicht. Zu den Security Bulletins gibt Microsoft Update Rollups f\u00fcr Windows 7 SP1\/Windows 8.1 und deren Server Pendats, sowie cumulative Updates f\u00fcr Windows 10 und Windows Server 2016 heraus. Zu den Updates f\u00fcr Windows gibt es separate Blog-Beitr\u00e4ge (siehe Link-Liste). Die Updates f\u00fcr Office, sowie f\u00fcr .NET Framework lassen sich \u00fcber die obigen Bulletins abrufen. Ab Januar wird Microsoft die Infos zu Update \u00fcber diese Sicherheitsseite<\/a> bereitstellen.<\/p>\n

\u00c4hnliche Artikel:<\/strong>
\nOffice-Patchday, Updates zum 6. Dezember 2016<\/a>
\nNovember-Patchday: Installationsprobleme (Windows 10)<\/a>
\nMicrosoft Patchday 8. November 2016<\/a>
\nUpdates KB3207752, KB3205394 (Windows 7) und KB3205401, KB3205400 (Windows 8.1)<\/a>
\nWindows 10: Dezember 2016 Updates (KB3205383, KB3205386, KB3206632)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Am 13. Dezember 2016 hat Microsoft diverse Sicherheits-Update f\u00fcr Windows, Office und weitere Microsoft-Produkte freigeben. Dazu sind auch Security Bulletins erschienen, die die Sicherheitsl\u00fccken beschreiben.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,185,301],"tags":[5778,672,1879,4328,4315,3288],"class_list":["post-184992","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-update","category-windows","tag-dezember-2016","tag-microsoft","tag-security-bulletin","tag-sicherheit","tag-update","tag-windows-en"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/184992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=184992"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/184992\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=184992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=184992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=184992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}