Kaspersky Threats

CVSS

?

10.0

Detect date

?

03/10/2016

Severity

?

Critical

Description

Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10757.

Technical details

To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from running on Internet Explorer via Group Policy, prevent Adobe FP from running in Office 2010, prevent ActiveX controls from running in Office 2007 & 2010, set security zones settings to “High” to block kind of content, configure IE to prompt before running kind of content, use IE Trusted sites zone. For further instructions you can read original Microsoft advisory listed below.

Affected products

Windows 8 for 32-bit Systems
Windows 8 for 64-bit Systems
Windows Server 2012
Windows RT
Windows 8.1 for 32-bit Systems
Windows 8.1 for 64-bit Systems
Windows Server 2012 R2
Windows RT 8.1
Windows 10 for 32-bit Systems
Windows 10 for 64-bit Systems

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2016-0995
CVE-2016-0996
CVE-2016-0991
CVE-2016-0993
CVE-2016-0994
CVE-2016-0989
CVE-2016-0990
CVE-2016-0988
CVE-2016-0987
CVE-2016-0986
CVE-2016-0963
CVE-2016-0962
CVE-2016-0961
CVE-2016-0960
CVE-2016-1001
CVE-2016-1010
CVE-2016-1005
CVE-2015-8658
CVE-2015-8655
CVE-2015-8652

Impacts

?

ACE

[?]

DoS

[?]

CVSS ?	10.0
Detect date ?	03/10/2016
Severity ?	Critical
Description	Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10757. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from running on Internet Explorer via Group Policy, prevent Adobe FP from running in Office 2010, prevent ActiveX controls from running in Office 2007 & 2010, set security zones settings to “High” to block kind of content, configure IE to prompt before running kind of content, use IE Trusted sites zone. For further instructions you can read original Microsoft advisory listed below.
Affected products	Windows 8 for 32-bit Systems Windows 8 for 64-bit Systems Windows Server 2012 Windows RT Windows 8.1 for 32-bit Systems Windows 8.1 for 64-bit Systems Windows Server 2012 R2 Windows RT 8.1 Windows 10 for 32-bit Systems Windows 10 for 64-bit Systems
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2016-0995 CVE-2016-0996 CVE-2016-0991 CVE-2016-0993 CVE-2016-0994 CVE-2016-0989 CVE-2016-0990 CVE-2016-0988 CVE-2016-0987 CVE-2016-0986 CVE-2016-0963 CVE-2016-0962 CVE-2016-0961 CVE-2016-0960 CVE-2016-1001 CVE-2016-1010 CVE-2016-1005 CVE-2015-8658 CVE-2015-8655 CVE-2015-8652
Impacts ?	ACE [?] DoS [?]
Related products	Microsoft Windows
CVE-IDS ?	CVE-2016-0995 CVE-2016-0996 CVE-2016-0991 CVE-2016-0993 CVE-2016-0994 CVE-2016-0989 CVE-2016-0990 CVE-2016-0988 CVE-2016-0987 CVE-2016-0986 CVE-2016-0963 CVE-2016-0962 CVE-2016-0961 CVE-2016-0960 CVE-2016-1001 CVE-2016-1010 CVE-2016-1005 CVE-2015-8658 CVE-2015-8655 CVE-2015-8652
Microsoft official advisories	Microsoft Security Update Guide
KB list	3144756