Microsoft Security Updates January 2016

New Year's greetings with Silverlight and five other Critical Bulletins!

с новым годом! Microsoft rings in the New Year with a new set of ten security bulletins MS16-001 through MS16-010, patching 24 CVE detailed vulnerabilities. These bulletins effect Microsoft web browsers and plugins, Office software, Windows system software, and Exchange mail servers. Six of them maintain a critical rating. The Critical bulletins effect the following software:

    • Silverlight Runtime
    • Internet Explorer
    • Microsoft Edge
    • VBScript and JScript scripting engine
    • Microsoft Office, Visio, and SharePoint
    • Windows Win32k Kernel Components

Somewhat surprisingly with over twenty vulnerabilities, Microsoft claims to be unaware of public exploitation of any of them at the time of reporting, however they acknowledge at least three were publicly disclosed. Nonetheless, the urgency to patch remains, so please update your software.

Of these, the Silverlight vulnerability CVE-2016-0034 (note that Mitre records the CVE as assigned on 2015.12.04) appears to be the most interesting and most risky, as it enabled remote code execution across multiple platforms for this widespread software, including Apple. But more of the IE, Edge and add-on related vulnerabilities also provide opportunity for mass exploitation. Don’t forget to return to Securelist soon for concrete perspective and upcoming posts detailing past and ongoing exploitation of these issues.

It’s also assuring to see Microsoft security operations pushing the edges of improving TLS algorithms to encrypt web sessions and provide greater privacy. Even their Technet page for a summary of these Bulletins provides TLS 1.2, implementing 3DES_EDE_CBC with HMAC-SHA1 and a RSA key exchange. But, it looks like their research group hasn’t pushed forward their work on post-quantum resistant TLS key exchange (Full RWLE Paper [pdf]), as “R-LWE in TLS” into production. Tomorrow’s privacy will have to wait.

Microsoft Security Updates January 2016

Your email address will not be published. Required fields are marked *


  1. augustine oryema

    Yes those vulnerabilities you mention is now at advance level, Microsoft believed they got enough update to Katter for those but they unaware that these malware block/change services local by default and lock it in the registry, these update will not be install and they are not even getting Data from those infected computers, their researcher out of touch with what is happening. these super Trojan is running in separate memory and store its setting in lock registry files, if a user log in, it will trigger remote execution, I got infected hard drive want to give for research purposes.

  2. Wayne Fields, qualified IT professional

    Recently I tried to download an unlocker program because Adobe won’t respond to not being able to delete old pdf files.
    Unfortunately, it turned out to have a nasty virus that thank goodness was picked up by my Kapsersky protection and it removed it. But it left my settings so screwed up I had to do a system restore, and thank goodness the computer is fine! Watch out for them!


Ferocious Kitten: 6 years of covert surveillance in Iran

Ferocious Kitten is an APT group that has been targeting Persian-speaking individuals in Iran. Some of the TTPs used by this threat actor are reminiscent of other groups, such as Domestic Kitten and Rampant Kitten. In this report we aim to provide more details on these findings.

Andariel evolves to target South Korea with ransomware

In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an unfamiliar payload. After a deep analysis, we came to a conclusion: the Andariel group was behind these attacks.

Operation TunnelSnake

A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia.

Subscribe to our weekly e-mails

The hottest research right in your inbox