Microsoft Security Updates March 2016

Microsoft releases thirteen bulletins this month, patching a total of 44 vulnerabilities. More than half of the critical vulnerabilities fixed this month support the web browsers, Internet Explorer and Microsoft Edge. Vulnerabilities rated critical also exist in Opentype font parsing kernel components, Windows Media Player, and the Windows PDF library. Microsoft reports that none of these vulnerabilities have been publicly disclosed or exploited in the wild. Most everyone running a Windows system that installs these updates will have to reboot that system. A variety of OS, kernel driver, web browser, and entertainment and productivity applications are affected.

• Internet Explorer
• Microsoft Edge
• Microsoft Mail Library Loading Validation
• Windows Adobe Type Manager Library OpenType Font Parsing (in the past, atmfd.dll)
• Windows Media
• Microsoft Office
• Windows OLE supporting applications like Microsoft Office (Asycfilt.dll, Ole32.dll, Oleaut32.dll, Olepro32.dll)
• Windows Security Authority (seclogon.dll)
• Multiple Drivers (KMD)
• .Net Framework

Microsoft is patching yet another dll sideloading vulnerability, a fairly common problem. Microsoft has been addressing dll pre/side-load problems since Win2k SP4! But this one appears to be a bit of a corner case, requiring the use of Microsoft Mail, and a malicious OLE document be opened for editing on the target’s system.

We are anticipating that more than a couple of these vulnerabilities will be attacked in the wild. In the meantime, we are prioritizing other packages, like Adobe and their updates.