Kaspersky Threats

CVSS

?

10.0

Detect date

?

02/09/2016

Severity

?

Critical

Description

Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10757.

Technical details

To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from running on Internet Explorer via Group Policy, prevent Adobe FP from running in Office 2010, prevent ActiveX controls from running in Office 2007 & 2010, set security zones settings to “High” to block kind of content, configure IE to prompt before running kind of content, use IE Trusted sites zone. For further instructions you can read original Microsoft advisory listed below.

Affected products

Windows 8 for 32-bit Systems
Windows 8 for 64-bit Systems
Windows Server 2012
Windows RT
Windows 8.1 for 32-bit Systems
Windows 8.1 for 64-bit Systems
Windows Server 2012 R2
Windows RT 8.1
Windows 10 for 32-bit Systems
Windows 10 for 64-bit Systems

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS16-022

Impacts

?

SB

[?]

DoS

[?]

CVSS ?	10.0
Detect date ?	02/09/2016
Severity ?	Critical
Description	Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10757. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from running on Internet Explorer via Group Policy, prevent Adobe FP from running in Office 2010, prevent ActiveX controls from running in Office 2007 & 2010, set security zones settings to “High” to block kind of content, configure IE to prompt before running kind of content, use IE Trusted sites zone. For further instructions you can read original Microsoft advisory listed below.
Affected products	Windows 8 for 32-bit Systems Windows 8 for 64-bit Systems Windows Server 2012 Windows RT Windows 8.1 for 32-bit Systems Windows 8.1 for 64-bit Systems Windows Server 2012 R2 Windows RT 8.1 Windows 10 for 32-bit Systems Windows 10 for 64-bit Systems
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	MS16-022
Impacts ?	SB [?] DoS [?]
Related products	Microsoft Windows
CVE-IDS ?	CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985
Microsoft official advisories	MS16-022
KB list	3135782