The Microsoft Security Bulletins overview for February 2016 provides you with detailed information about security and non-security patches that Microsoft released for its Windows operating system and other company products since the January 2016 release.
The overview begins with an executive summary listing the most important facts. What follows afterwards is the patch distribution across different client and server versions of the Windows operating system, and other Microsoft products.
Lists of the security bulletins, advisories, and non-security updates released in February 2016 come next, each offering a short description of the patch or bulletin released and a link to the Microsoft website for further information.
Last but not least, download instructions are provided and options are listed.
Executive Summary
Operating System Distribution
All client versions of Windows are affected by at least two bulletins that have been rated critical. Windows 8.1 and Windows 10 are affected by the most, with Windows 8.1 being affected by four critical and three important bulletins, and Windows 10 by five critical and three important vulnerabilities.
As has been the case in the past, the additional critical bulletin is for the Microsoft Edge browser, which is a Windows 10 exclusive.
Other Microsoft Products
Security Bulletins
MS16-009 - Cumulative Security Update for Internet Explorer (3134220) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
MS16-011 - Cumulative Security Update for Microsoft Edge (3134225) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
MS16-012 - Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3138938) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if Microsoft Windows PDF Library improperly handles application programming interface (API) calls, which could allow an attacker to run arbitrary code on the user’s system.
MS16-013 - Security Update for Windows Journal to Address Remote Code Execution (3134811) - Critical - Remote Code Execution
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file.
MS16-014 - Security Update for Microsoft Windows to Address Remote Code Execution (3134228) - Important - Remote Code Execution
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.
MS16-015 - Security Update for Microsoft Office to Address Remote Code Execution (3134226) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
MS16-016 - Security Update for WebDAV to Address Elevation of Privilege (3136041) - Important - Elevation of Privilege
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker uses the Microsoft Web Distributed Authoring and Versioning (WebDAV) client to send specifically crafted input to a server.
MS16-017 - Security Update for Remote Desktop Display Driver to Address Elevation of Privilege (3134700) - Important - Elevation of Privilege
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an authenticated attacker logs on to the target system using RDP and sends specially crafted data over the connection. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
MS16-018 - Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082) - Important - Elevation of Privilege
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
MS16-019 - Security Update for .NET Framework to Address Denial of Service (3137893) - Important - Denial of Service
This security update resolves vulnerabilities in Microsoft .NET Framework. The more severe of the vulnerabilities could cause denial of service if an attacker inserts specially crafted XSLT into a client-side XML web part, causing the server to recursively compile XSLT transforms.
MS16-020 - Security Update for Active Directory Federation Services to Address Denial of Service (3134222) - Important - Denial of Service
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow denial of service if an attacker sends certain input data during forms-based authentication to an ADFS server, causing the server to become nonresponsive.
MS16-021 - Security Update for NPS RADIUS Server to Address Denial of Service (3133043) - Important - Denial of Service
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could cause denial of service on a Network Policy Server (NPS) if an attacker sends specially crafted username strings to the NPS, which could prevent RADIUS authentication on the NPS.
MS16-022 - Security Update for Adobe Flash Player (3135782) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
Security Advisories and updates
Advisory 3127909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering
Non-security related updates
How to download and install the February 2016 security updates
Windows users can install all security patches for their operating system and also optional non-security patches using Windows Update.
Windows Update is an automated updating tool built into Windows that downloads and installs the patches Microsoft releases.
Update checks are run frequently but not in real-time. Run a manual check for Windows updates if you want to grab the updates as soon as they are available.
You can do so in the following way:
Depending on how Windows Update is configured, Windows may download these updates automatically, or only present them to you, giving you the option to select the updates that you want installed on your system.
Windows patches are also made available on Microsoft's Download Center site, from where they can be downloaded individually. You may also download a monthly security ISO image that Microsoft releases, which contains all patches for all supported operating systems released in that month.
Consult our Windows Update guide linked below for additional options and troubleshooting information.
Additional resources
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
In my batch of 27 “important updates” today was also this mysterious one: “Update for Windows 8.1 for x64-based Systems (KB3132080)”.
The “more information” link to this update’s description page at Microsoft’s support site produced just an error (page does not exist). My further search for this update online showed that a few other people were also wondering what this one is meant to do, but I found no clear answer.
Would anyone here happen to know what this KB3132080 is for? In the recent months my distrust of Windows Update has grown to the extent that I will block this one until I know for sure it has nothing to do with “preparing” my system for Windows 10…
Thanks for any possible info that Microsoft itself failed to give here!
Microsoft is particularly bad when it comes to publishing support pages as they are often delayed. I guess we will have to wait a bit longer before the support page gets published before we know more about the update.
Amen!
I have the same problem and the same reason to not install this update. Another recent important update kb3126041 also has this same page not exist problem.
more info link on KB3126041 is showing: “Try searching for what you need
This page doesn’t exist.
iAKETxtNBW8CbnhF.0”
KB3132080: Logon freezes after you reset your password in Windows 8.1, or Stop error 0x1000007e in Windows Server 2012 R2
Thanks, that’s one less update to worry about.
Thanks a lot tdas777! May I ask where you got this info?
That’s Okay, I will apply the XP Unofficial SP4 3.0 to my XP system.
Anyone know what kb3141092 is?
That kb was not listed among the ones I chose to install (I made a list). It wasn’t shown during the install process. It isn’t listed as being installed in event viewer or the Windows Update log file. It isn’t even listed under view update history within Windows Update.
The only place that mentioned it, was after the install process finished rebooting, under the installed updates section (not the view update history within Windows Update but the installed updates link also in Windows Update in the lower left bottom). That shows an “Update for Microsoft Windows (KB3141092)” was also installed. Everything else being “Security Update for Microsoft Windows” with the former often being the unneeded updates to avoid.
The only thing I can find, an internet search yields no result so far, is it being mentioned under the MS16-009 Cumulative Security Update for Internet Explorer (3134220), https://technet.microsoft.com/en-us/library/security/ms16-009.aspx, which I did install but that had a different kb number, 3134814, and was installed properly and is listed as being so.
Unfortunately, I can not load https://support.microsoft.com/en-us/kb/3141092, as Microsoft blocks access unless one allows something to load from them that is getting blocked (cookies?). So I am not sure if that provides more info since MS16-009 doesn’t really provide any for it. Can anyone paste in the info here?
The support page is up now, it is: Sites in the Enterprise Mode Site List do not load in Enterprise mode
Martin
What are the updates? I can’t find my list of the ones to avoid regarding the unwanted upgrade to Windows 10.
Thanks
Jim
Seems to be a few non-security patches designed to update Windows 7 and 8 systems to Windows 10 – including repeats of previous updates. Users who want to avoid being unpleasantly surprised should pay close attention to the group of non-security updates.
Thanks for doing this Martin – it’s of invaluable help!
Straspey,
What are the updates? I can’t find my list of the ones to avoid regarding the unwanted upgrade to Windows 10.
Thanks Martin for this service.
Funnily enough I cannot find the KBs I received: 3115858/3123294/3124280/3126041/3126434/3126446/3126587/3126593/3134214.
Regarding the last one, KB 3134214, in her Patch Watch column over at Windows Secrets Susan Bradley says it’s a kernel patch security update which also includes several non-security fixes. According to her, “It’s never good when a patch mixes together security and nonsecurity updates. For that reason, I’m going to be cautious with this update.”
She recommends holding off installation of KB 3134214 for a couple of weeks, until she reports back on it in her next Patch Watch column. FWIW