March 2016 Microsoft Patch Tuesday

Published: 2016-03-08
Last Updated: 2016-03-08 18:52:03 UTC
by Alex Stanford (Version: 1)
22 comment(s)

Alex Stanford - GIAC GWEB & GSEC,
Research Operations Manager,
SANS Internet Storm Center

22 comment(s)


Typo in the summary table? MS16-029 summary lists CVE2016-0021 three times, with two different severities.
[quote=comment#36585]Typo in the summary table? MS16-029 summary lists CVE2016-0021 three times, with two different severities.[/quote]
Thank you for pointing that out. We'll have it corrected shortly.
Hi Alex,
I had always used the previous format which Dr. J did whereas everything was listed in one table rather than 26 different table blocks. That makes it quite difficult to copy it in Excel and then put comments against each one of them. Could we get it into the previous format?
Does MS16-033 (CVE-2016-0133) require logon rights AND physical access to the USB port, or just physical access? Going from "elevation of privilege", I assume the former?
I like the new layout.
I have question regarding MS16-024 Update for Microsfot Edge, what's the reason of the rating for servers being high? Is there any possibility that Edge may also affect servers? Because as far as I know, Edge doesn't exist on servers yet. Thanks
Hi - I agree with Jo that the old format table was much better - just a couple of pages full. Easier to read and take in.
Another item is the 'Replaces' field. Before, it showed the MS bulletin number, eg "Cumulative Security Update for Internet Explorer (Replaces MS16-001)". Now it only shows the KB number. Again, the older format was better. If you want to show the KB number, then why not add this rather than replace the MS bulletin?
Same here unfortunately, good thing I didn't get to invest time writing a parser for the previous format after all. Could we get an idea of long this one is staying for?
Needless to say that if there was a choice, I would definitely go for the previous one.
I appreciate the work to try new ways of presenting the information - in this case, I have to say I miss the old layout - it just seemed easier to view and quickly assess all the pertinent information.
I also like the new format. I find it easier to read. Wish you would add whether it applies to servers or clients, like you used to do.

Diary Archives