Hello, welcome to the Wednesday, November 9th, 2016 edition of the Sands and its Storm Center's

Stormcast. My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Microsoft's Patch Tuesday, of course, kept me busy today trying to go through all of the different

bulletins, 14 total bulletins if you count the Adobe bulletin, which of course

is again included in Microsoft's set here.

Five of the Microsoft bulletins are rated critical and then the Adobe Flash bulletin, of

course, is also rated critical.

There are a total of four different vulnerabilities that are being

addressed in these bulletins that were either already released or have already

been exploited in the wild. The In An Explorer bulletin included one of them

and information disclosure vulnerability 2016 7199 that already has been publicly

disclosed it's sort of a cross-origin vulnerability where one site could get data that is open

in another browser window the second one is is CV 2016-7209. That only affects Microsoft Edge,

and it's also a publicly disclosed vulnerability that allows you to spoof the URL bar.

An MS-16-132, this is the one bulletin that I labeled as a patch now for clients,

because it does address a vulnerability that is actually already being exploited in the wild.

It's yet another open type font issue.

We have seen many of them in the past, many of them being successfully exploited in the past.

This is CVE 2016

7256. MS-16-135, that's a kernel mode driver patch. It does include a privilege escalation

vulnerability, CVE-2016-7255, that has already been public

disclosed and exploited.

...