Microsoft Security Bulletins July 2016

microsoft security bulletins july 2016
Martin Brinkmann
Jul 12, 2016
Updated • Jan 4, 2018
Companies, Microsoft
|
14

Welcome to the Microsoft Security Bulletins overview for July 2016. The overview covers July's Patch Day, and all patches released by Microsoft on July 12, 2016 for Windows and other company products.

It starts with an executive summary that reveals important information about this month's security patches. It is followed by the operating system and Microsoft product distribution listing, revealing how specific Microsoft products are affected this month.

This is followed by the list of security bulletins released by Microsoft in July 2016, and the list of security advisories, updates, and non-security updates released since the June 2016 patch day.

The final part of the overview provides you with download information and links to additional resources.

Microsoft Security Bulletins July 2016

Executive Summary

  1. Microsoft released 11 bulletins on the July 2016 Patch Day.
  2. 6 bulletins are rated with a severity ranking of critical, the remaining 5 bulletins with a severity ranking of important.
  3. All client and server versions of Microsoft Windows are affected by security issues that the released patches resolve.
  4. Other affected Microsoft products include

Operating System Distribution

All client and server Windows operating systems are affected by at least one critical security vulnerability. In fact, all are affected by MS16-087, a vulnerability in Windows Print Spooler Components in a critical way.

Vista is the only client system affected by MS16-086, a cumulative security update for JScript and VBScript, and Windows Server 2008 the only server system affected by it but only with a moderate severity rating.

Windows 10 is the only client system affected by MS16-085, a cumulative security update for Microsoft Edge.

Windows 8.1 and newer systems are affected by MS16-093, another critically rated bulletin affecting Adobe Flash Player contained within IE10 and newer.

Last but not least, they receive updates described in MS16-092 and MS16-094. The updates fix secure boot and kernel security issues.

  • Windows Vista: 3 critical, 2 important:
  • Windows 7: 2 critical, 2 important
  • Windows 8.1: 3 critical, 4 important
  • Windows RT 8.1: 3 critical, 4 important
  • Windows 10: 4 critical, 4 important
  • Windows Server 2008: 1 critical, 2 important, 2 moderate
  • Windows Server 2008 R2: 1 critical, 2 important, 1 moderate
  • Windows Server 2012 and 2012 R2: 1 critical, 4 important, 2 moderate
  • Server core: 1 critical, 4 important, 1 moderate

Other Microsoft Products

  • Microsoft Office 2007, 2010, 2013, 2013 RT, 2016: 1 critical
  • Microsoft Office for Mac 2011, 2016: 1 critical
  • Microsoft Office Compatibility Pack Service Pack 3: 1 important
  • Microsoft Excel Viewer: 1 important
  • Microsoft Word Viewer: 1 important
  • Microsoft SharePoint Server 2010, 2013, 2016: 1 important
  • Microsoft Office Web Apps 2010, 2013: 1 important
  • Office Online Server: 1 important

Security Bulletins

MS16-084

Cumulative Security Update for Internet Explorer (3169991) - Critical - Remote Code Execution

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.

MS16-085

Cumulative Security Update for Microsoft Edge (3169999) - Critical - Remote Code Execution

This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.

MS16-086

Cumulative Security Update for JScript and VBScript (3169996) - Critical - Remote Code Execution

This security update resolves a vulnerability in the JScript and VBScript scripting engines in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

MS16-087

Security Update for Windows Print Spooler Components (3170005) - Critical - Remote Code Execution

This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or set up a rogue print server on a target network.

MS16-088

Security Update for Microsoft Office (3170008) - Critical - Remote Code Execution

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.

MS16-089

Security Update for Windows Secure Kernel Mode (3170050) - Important - Information Disclosure

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Windows Secure Kernel Mode improperly handles objects in memory.

MS16-090

Security Update for Windows Kernel-Mode Drivers (3171481) - Important - Elevation of Privilege

This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

MS16-091

Security Update for .NET Framework (3170048) - Important - Information Disclosure

This security update resolves a vulnerability in Microsoft .NET Framework. The vulnerability could cause information disclosure if an attacker uploads a specially crafted XML file to a web-based application.

MS16-092

Security Update for Windows Kernel (3171910) - Important - Security Feature Bypass

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow security feature bypass if the Windows kernel fails to determine how a low integrity application can use certain object manager features.

MS16-093

Security Update for Adobe Flash Player (3174060) - Critical - Remote Code Execution

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, and Windows 10.

MS16-094

Security Update for Secure Boot (3177404) - Important - Security Feature Bypass

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow Secure Boot security features to be bypassed if an attacker installs an affected policy on a target device. An attacker must have either administrative privileges or physical access to install a policy and bypass Secure Boot.

Security advisories and updates

MS16-083: Security Update for Adobe Flash Player for Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012 (KB3167685)

Non-security related updates

KB2952664: Update for Windows 7 - Compatibility update for upgrading Windows 7.

KB2976978: Update for Windows 8.1 and Windows 8 - Compatibility update for Windows 8.1 and Windows 8.

KB2977759: Update for Windows 7 - Compatibility update for Windows 7 RTM.

KB3170735: Update for Windows 8.1 and Windows 7 - July 2016 Update for Windows Journal.

KB3163589: Update for Windows 8 and Windows 7 - "Your PC is running an outdated version of Windows" notification.

KB3173040: Update for Windows 8.1 and Windows 7 - Windows 8.1 and Windows 7 SP1 end of free upgrade offer notification.

KB3161606: Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 - June 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2

Issues that the update fixes:

  • KB3163232 Application crashes when you open an earlier version of an Office file in Windows 8.1 or Windows Server 2012 R2
  • KB3163974 "Sign in to your Microsoft account" wizard page has only one text box in Windows 8.1 or Windows Server 2012 R2
  • KB3142535 Hard I/O failure with MPIO storage targets connected to Windows Server 2012 R2
  • KB3153887 Fine tuning failover cluster network thresholds in Windows Server 2012 R2
  • KB3163306 AD FS 3.0 can't connect to native LDAP attribute stores over SSL in Windows Server 2012 R2
  • KB3163192 NFS role takes a long time or fails to come online on a Windows Server 2012 R2 cluster
  • KB3164088 Memory leak occurs when system calls a certain function to store and look for GUID records in Windows Server 2012 R2
  • KB3164345 Stop error occurs when you recover a computer from sleep or restart it in Windows 8.1 or Windows RT 8.1
  • KB3135021 File server becomes unresponsive when data deduplication is running in Windows Server 2012 R2
  • KB3159393 Memory Leak in IIS ADSI provider in Windows 8.1 or Windows Server 2012 R2
  • KB3159985 Crash dump file isn't generated in Windows Server 2012 R2
  • KB3162159 Kerberos authentication policy causes requests to fail with a status of KDC_ERR_POLICY in Windows Server 2012 R2
  • KB3162871 RD Gateway Manager console crashes with the latest .NET Framework 4.6.1 update on Windows Server 2012 R2
  • KB3163023 Windows Update Client for Windows 8.1 and Windows Server 2012 R2: June 2016
  • KB3161579 "Access Denied" error when you run mpclaim.exe command to retrieve MPIO configuration reports in Windows Server 2012 R2
  • KB3154769 "Error Cannot Process TPM Attestation" when you try to configure Key Attestation in Windows Server 2012 R2
  • KB3163191 Group policies aren't applied during startup and logon in Windows
  • KB3154437 Update to remove VPNIKE hardcoded dependency in Windows Server 2012 R2
  • KB3153727 Windows Installer with certain actions can't be installed on Windows Server 2012 R2 or Windows Server 2008 R2 SP1
  • KB3161639 Update to add new cipher suites to Internet Explorer and Microsoft Edge in Windows
  • KB3158626 "0xD1" Stop error when a virtual machine crashes on a Windows Server 2012 R2 or Windows Server 2012 Hyper-V host
  • KB3154228 32-bit icons can't be loaded in OleLoadPictureEx in Windows

KB3161608: Update for Windows 7 and Windows Server 2008 R2 - June 2016 update rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

Issues that the update fixes:

  • KB3154228 32-bit icons can't be loaded in OleLoadPictureEx in Windows
  • KB3153727 Windows Installer with certain actions can't be installed on Windows Server 2012 R2 or Windows Server 2008 R2 SP1
  • KB3161647 Windows Update Client for Windows 7 and Windows Server 2008 R2: June 2016
  • KB3161897 WDS deployment fails when UEFI clients are in routed environments in Windows Server 2008 R2 SP1
  • KB3161639 Update to add new cipher suites to Internet Explorer and Microsoft Edge in Windows
  • KB3163644 Microsoft Office 2010 doesn't start when EMET is enabled in Windows 7 or Windows Server 2008 R2

KB3161609: Update for Windows Embedded 8 Standard and Windows Server 2012 - June 2016 update rollup for Windows Server 2012

Issues that the update fixes:

  • KB3158626 "0xD1" Stop error when a virtual machine crashes on a Windows Server 2012 R2 or Windows Server 2012 Hyper-V host
  • KB3154228 32-bit icons can't be loaded in OleLoadPictureEx in Windows

How to download and install the July 2016 security updates

microsoft security bulletins july 2016

All security updates are already available on Windows Update. Windows Update is the built-in update service of Windows devices, and configured by default to download critical patches automatically.

The service does not check for updates in real-time. If you want to speed up the process, do the following:

  1. Tap on the Windows-key on the computer keyboard, type Windows Update, and select the result from the list.
  2. Select the "check for updates" button to run a manual check for updates.

Windows checks for available updates. What happens next depends on how updating is configured on the device. Updates may be downloaded and installed automatically, or you may be notified about them only.

The latter gives you greater control over the updating process.

We recommend highly that you research updates released for Windows before you install them on your machines. Updates may break systems, and have done so in the past. At the very least, create a system backup before you install the updates.

Some updates are available on Microsoft's Download Center, as Security ISO images, and via Microsoft's Update Catalog.

Additional resources

Summary
Microsoft Security Bulletins July 2016
Article Name
Microsoft Security Bulletins July 2016
Description
Microsoft Security Bulletins July 2016 provides you with an overview of all security bulletins and non-security updates released by Microsoft.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Related content

How to enable macOS Sonoma Game Mode

Seamless gaming on your Apple devices with macOS Sonoma
Google 25th birthday surprise spinner

Happy birthday Google!
Apple defends Google

Apple defends Google in a court hearing
iOS 17 is turning sensitive location settings on, here is how to disable them

iOS 17 is turning sensitive location settings on, here is how to disable them
FTC sues Amazon how will Amazon lawsuit end

FTC is once again after Amazon

Google is retiring its Podcasts app to focus on YouTube Music

Tutorials & Tips

How to change YouTube handle

MusicLM: Google Music AI is here to change the music industry

How to use Personal Voice on iOS 17

How to send GIFs on iPhone: Two different ways


Previous Post: «
Next Post: «

Comments

  1. The Dark Lady said on July 9, 2023 at 11:19 am
    Reply

    Martin, I would appreciate that you do not censor this post, as it’s informative writing.

    Onur, there is a misleading statement “[…] GIFs are animated images …”. No, obviously you don’t seem to have take much notice of what you were told back in March regarding; Graphics Interchange Format (GIF).

    For example, https://www.ghacks.net/2023/03/31/whats-gif-explanation-and-how-to-use-it/#comment-4562919 (if you had read my replies within that thread, you might have learnt something useful). I even mentioned, “GIF intrinsically supports animated images (GIF89a)”.

    You linked to said article, [Related: …] within this article, but have somehow failed to take onboard what support you were given by several more knowledgeable people.

    If you used AI to help write this article, it has failed miserably.

  2. KeZa said on August 17, 2023 at 5:58 pm
    Reply

    AI is stupid, and it will not get any better if we really know how this all works. Prove me wrong.. https://www.youtube.com/watch?v=4IYl1sTIOHI

  3. Database failure said on August 18, 2023 at 5:21 pm
    Reply

    Martin, [#comment-4569908] is only meant to be in: [https://www.ghacks.net/2023/07/09/how-to-send-gifs-on-iphone-two-different-ways/]. Whereas it appears duplicated in several recent random low-quality non relevant articles.

    Obviously it [#comment-4569908] was posted: 9 July 2023. Long before this thread even existed… your database is falling over. Those comments are supposed to have unique ID values. It shouldn’t be possible to duplicate the post ID, if the database had referential integrity.

  4. Howard Pearce said on August 25, 2023 at 12:24 pm
    Reply

    Don’t tell me!

    Ghacks wants the state to step in for STATE-MANDATED associations to save jobs!!!

    Bring in the dictatorship!!!

    And screw Rreedom of Association – too radical for Ghacks maybe

  5. Howard Allan Pearce said on September 7, 2023 at 9:13 am
    Reply

    GateKeeper ?

    That’s called “appointing” businesses to do the state’s dirty work!!!!!

    But the article says itself that those appointed were not happy – implying they had not choice!!!!!!

  6. owl said on September 7, 2023 at 9:50 am
    Reply

    @The Dark Lady,
    @KeZa,
    @Database failure,
    @Howard Pearce,
    @Howard Allan Pearce,

    Note: I replaced the quoted URI scheme: https:// with “>>” and posted.

    The current ghacks.net is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, ghacks.net has changed in quality.
    >> ghacks.net/2023/09/02/microsoft-is-removing-wordpad-from-windows/#comment-4573130
    Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
    >> ghacks.net/2023/08/31/in-windows-11-the-line-between-legitimate-and-adware-becomes-increasingly-blurred/#comment-4573117
    As it stands, except for articles by Martin Brinkmann, Mike Turcotte, and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
    How to display only articles by a specific author:
    Added line to My filters in uBlock Origin: ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
    >> ghacks.net/2023/09/01/windows-11-development-overview-of-the-august-2023-changes/#comment-4573033

    By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
    RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.
    >> github.com/martinrotter/rssguard#readme

  7. Anonymous said on September 14, 2023 at 6:41 pm
    Reply

    We all live in digital surveillance glass houses under scrutiny of evil people because of people like Musk. It’s only fair that he takes his turn.

  8. Anonymous said on September 18, 2023 at 1:31 pm
    Reply

    “Operating systems will be required to let the user choose the browser, virtual assistant and search engine of their choice. Microsoft cannot force users to use Bing or Edge. Apple will have to open up its iOS operating system to allow third-party app stores, aka allow sideloading of apps. Google, on the other hand, will need to provide users with the ability to uninstall preloaded apps (bloatware) from Android devices. Online services will need to allow users to unsubscribe from their platform easily. Gatekeepers need to provide interoperability with third-parties that offer similar services.”

    Wonderful ! Let’s hope they’ll comply with that law more than they are doing with the GDPR.

  9. sean conner said on September 27, 2023 at 6:21 am
    Reply

    No, they didn’t lmao.

    https://twitter.com/vxunderground/status/1706523877478670542

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Ghacks Newsletter Sign Up

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up

Advertisement

Hot Discussions

Advertisement

Recently Updated

Latest from Softonic

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2023 - All rights reserved