Security Affairs
Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

February 2016 Patch Tuesday – All Windows are affected by a critical flaw

Microsoft February 2016 Patch Tuesday updates include a total of 13 bulletins that resolve a total of 41 security flaws in Windows, one of them affects all supported versions. All supported versions of Windows are affected by a critical vulnerability recently fixed by Microsoft. The IT giant has released 13 security bulletins, six issues are rated as […]

Microsoft Patch Tuesday

Microsoft February 2016 Patch Tuesday updates include a total of 13 bulletins that resolve a total of 41 security flaws in Windows, one of them affects all supported versions.

All supported versions of Windows are affected by a critical vulnerability recently fixed by Microsoft. The IT giant has released 13 security bulletins, six issues are rated as critical. The security bulletins resolve a total of 41 security flaws in Microsoft software.

One of the bulletins in the February 2016 Patch Tuesday, the MS16-022, fixes the 22 Flash Player flaws recently resolved by Adobe, including the Flash libraries used in Microsoft Internet Explorer 10 and 11, and Edge browsers.

A vulnerability in the Microsoft Windows 10 operating system, as well as Windows Server 2016 Tech Preview 4, has captured the attention of the security community.

The MS16-013 vulnerability is a memory-corruption flaw and could be exploited by remote attackers to execute arbitrary code as the logged-in user by tricking a user into opening a specially crafted Journal file. Fortunately, according to Microsoft the vulnerability has not been exploited in the wild.

This vulnerability would allow attackers to run malicious programs on a targeted machine and create new accounts with full user rights.

“The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.” states the official description published by Microsoft.

The list of February 2016 Patch Tuesday bulletins includes also the MS16-015, which fixes critical vulnerabilities in Microsoft Office security that can be exploited to execute arbitrary code in the context of the targeted user simply tricking victims into opening a specially crafted.

The complete list of fixes is reported below:

  • MS16-009: A cumulative security update for Internet Explorer 9 through 11. The update patches 13 security issues, including remote-code-execution (RCE) and information disclosure bugs.
  • MS16-011: Another cumulative update for the Microsoft’s newest Edge browser in Windows 10 patches 6 security issues, 4 of which are remote code execution vulnerabilities.
  • MS16-012: An update addresses two remote-code-execution flaws in Windows PDF Library and Reader for Windows 8.1, Windows 10 and Server 2012. Flaws could allow attackers to run malicious code on an affected system by tricking users into opening a specially-crafted PDF file.
  • MS16-015: An update patches 6 memory-corruption vulnerabilities in Microsoft Office, each of which could allow a remote attacker to run arbitrary code by tricking a user intoopening a specially-crafted Office file.
  • MS16-022: A security update resolves more than two dozen vulnerabilities in Adobe Flash Player on all supported versions of Windows 8.1, Windows 10, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1.

Microsoft Windows flaws February 2016 Patch Tuesday February 2016

Microsoft also launched a page for public tracking of Windows 10 update (Windows 10 update history) an effort to show users the improvement applied by the company to its OS.

“We’re committed to our customers and strive to incorporate their feedback, both in how we deliver Windows as a service and the info we provide about Windows 10,” states Microsoft .

“In response to this feedback, we are providing more details about the Windows 10 updates we deliver through Windows Update. You’ll see a summary of important product developments included in each update, with links to more details.”

Pierluigi Paganini

(Security Affairs – Microsoft Windows, Microsoft February 2016 Patch Tuesday)