The following overview provides you with information on all security bulletins and updates that Microsoft released in August 2016.
Microsoft releases security patches on the second Tuesday of each month. This month, the updates were released on August 9, 2016.
The overview begins with an executive summary listing the most important information. It is followed by the operating system distribution, and information about patches for other Microsoft products.
What follows is a list of all security bulletins, security advisories and non-security patches that Microsoft released this month.
The final part offers download instructions, and links to various resources for further information.
All client and server operating systems are affected by at least one bulletin rated critically for the system.
Windows 10 is affected by the most bulletins. This can be explained by the cumulative Microsoft Edge bulletin MS10-096 and the Windows PDF Library bulletin MS10-102. Windows 8.x is also affected by the latter but not by the former.
Windows 10 is furthermore affected by MS16-103 rated important, while all other client operating systems are not.
The situation looks identical on the server side of things.
Cumulative Security Update for Internet Explorer (3177356) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Cumulative Security Update for Microsoft Edge 3177358) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
Security Update for Microsoft Graphics Component (3177393) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution.
Security Update for Windows Kernel-Mode Drivers (3178466) - Important - Elevation of Privilege
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
Security Update for Microsoft Office (3177451) - Critical - Remote Code Execution
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
Security Update for Secure Boot (3179577) - Important - Security Feature Bypass
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker installs a policy affected by the vulnerability onto a target device.
Security Update for Windows Authentication Methods (3178465) - Important - Elevation of Privilege
This security update resolves multiple vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system.
Security Update for Microsoft Windows PDF Library (3182248) - Critical - Remote Code Execution
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.
Security Update for ActiveSyncProvider (3182332) - Important - Information Disclosure
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Universal Outlook fails to establish a secure connection.
Update for Kernel Mode Blacklist
Microsoft is blacklisting some publicly released versions of securekernel.exe.
KB3176495, KB3176493, KB3176492
Windows 10 Version 1607 Cumulative Updates August 9, 2016 for the three different versions of windows 10 (Anniversary Update, Built 10586, and Build 10240)
Lots of fixes, includes the security updates. All information on this page.
Windows 10 Version 1607 Cumulative Update August 2, 2016
Update that includes a number of fixes and improvements. This includes Edge extension and background task improvement among other things. All changes are listed on this page.
Update for Windows 8.1 and Windows 7
Update for Windows Journal component removal. This update lets users remove the Windows Journal component immediately. Users who require Windows Journal can install it as a standalone application by going here.
July 2016 update rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
Know issue affects Intel Bluetooth devices. The following changes are included in the update rollup:
Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
This update introduces a wide variety of updates (mostly fixes to existing issues). You find the all listed on this page.
Update for Windows 8.1 and Windows 7
Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
Update for Windows Embedded 8 Standard and Windows Server 2012
July 2016 update rollup for Windows Server 2012. The update fixes several issues and makes improvements to supported operating systems. The full list is accessible here.
All security updates are made available on Windows Update. Windows home devices are configured by default to use Windows Update.
Depending on the configuration, updates may be downloaded and installed automatically.
The check for updates does not happen in real-time though. If you want to grab the updates right when they become available, do the following:
Updates that are found are either downloaded and installed automatically, or on user request.
It is recommended to research all Windows updates before installing them on productive machines. The reason for this is that updates may break functionality or in the worst case prevent the system from booting at all.
It is recommended to create a system backup prior to installing updates as well.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.