Microsoft has rolled out a total of 11 security updates as part of this month’s Patch Tuesday cycle, fixing vulnerabilities in products such as Windows, Internet Explorer, Edge, and the Office productivity suite.
First of all, it’s worth noting that this month’s rollout includes six different critical updates, and users and IT admins should prioritize their deployment.
These critical security updates also comprise a patch for Adobe Flash Player, which Microsoft offers as built-in for Internet Explorer and Edge, so fixes are delivered to users automatically via Windows Update. You can learn more abouthere.
and are two cumulative updates that should be of particular importance for Windows 10 users because they include fixes for Microsoft Edge and Internet Explorer, the two browsers that are currently available on PCs.
They both fix Remote Code Execution flaws and are rated by Microsoft as critical – what you should know, however, is that a successful exploit involves bringing users on a malicious website, so until patching, you’d better stay away from links that you don’t trust or are coming from suspicious sources.
Microsoft Office patches
Additionally, there’s a security update for Microsoft Office productivity suite labeled asand that comes with fixes for RCE flaws found in the Microsoft Office 2007 Service Pack 3 and later. In Office 2016, this patch is flagged as “important,” but everyone should prioritize its deployment anyway.
“This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user,” Microsoft explains.
These security updates require a system reboot, so IT admins should have this in mind when preparing their networks for deployment. Additionally, desktop PC administrators are urged to deploy the critical patches as fast as possible, as exploits have already been spotted in a wild for a number of vulnerabilities.
This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.
Recommended article from FiveFilters.org: .