Blog Archives

Security Thoughts: Vulnerability in DNS Server could allow remote code execution (MS16-071, KB3164065, CVE-2016-3227)

This entry is part 1 of 4 in the series June 2016 Patch Tuesday

Yesterday, Microsoft released update KB3161951 as part of its June 2016 Patch Tuesday to address a critical use after free vulnerability that affects DNS Servers running Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016 Technical Previews.   About the vulnerability A remote code execution vulnerability exists in Windows Domain Name System (DNS) […]

0  

Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege(MS61-072, KB3163622, CVE-2016-3223)

This entry is part 2 of 4 in the series June 2016 Patch Tuesday

Yesterday, Microsoft released update 3163622 as part of its June 2016 Patch Tuesday to address an important vulnerability that affects Group Policy on Windows 10.   About the vulnerability The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target […]

0  

Security Thoughts: Vulnerability in Netlogon could allow remote code execution (MS16-076, KB3167691, CVE-2016-3228)

This entry is part 3 of 4 in the series June 2016 Patch Tuesday

Yesterday, Microsoft released update 3167691 as part of its June 2016 Patch Tuesday to address an important vulnerability in Windows Server’s Netlogon functionality, allowing remote code execution on all supported Windows Server versions. About the vulnerability A vulnerability has been detected, that could allow remote code execution if an attacker with access to a Windows […]

1  

Security Thoughts: Vulnerability in Active Directory could allow denial of service (MS16-081, KB3160352, CVE-2016-3226)

This entry is part 4 of 4 in the series June 2016 Patch Tuesday

Yesterday, Microsoft released update 3160352 as part of its June 2016 Patch Tuesday to address an important vulnerability in Active Directory, allowing denial of service. This security update is rated Important for all supported editions of Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 About the vulnerability A vulnerability has been […]

0