MS16-077 – Important: Security Update for WPAD (3165191) – Version: 1.3

This post has been republished via RSS; it originally appeared at: Microsoft Security Bulletins.

Severity Rating: Important
Revision Note: V1.3 (August 9, 2016): Bulletin revised to include an additional vulnerability, CVE-2016-3299. This is an informational change only. Customers who have successfully installed the updates do not need to take any further action.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process on a target system.