Microsoft Releases Critical Windows, Edge Browser, Office Security Updates

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Microsoft has started this month’s Patch Tuesday update cycle to fix vulnerabilities in its software, and this time, the highlights are Windows, Edge browser, Internet Explorer, and the Office productivity suite.

There are 13 different security bulletins this month, one of which is the Flash Player patch that was released a few days ago and that Microsoft included in its rollout to fix vulnerabilities in Internet Explorer and Edge (both browsers come with Flash pre-installed, so in order to patch flaws, Microsoft has to deliver fixes through Windows Update).

Out of the 12 remaining updates, there are 6 critical updates fixing flaws in Windows, Internet Explorer, Office, and Edge browser. The rollout is targeting remote code execution flaws and escalation of privilege and includes updates that require a restart, so IT admins should have this in mind when starting deployment.

Windows users, prioritize this update!
For Windows users, the most important update that needs to be installed ASAP is MS16-039, which comes to address flaws related to a graphics component in the operating system. Absolutely all versions of Windows are affected, starting with Vista and ending with 10, as well as Office 2007 and 2010, .NET, Skype, and Lync.

“The two 0-days are contained with the Windows portion and both allow for the escalation of privilege from a normal user to administrator. In real life they will be paired with an exploit for a vulnerability that gets the attacker on the machine such as the Flash Player flaw,” Wolfgang Kandek, CTO of Qualys, explains.

“In that type of scenario, your user would go to a normal website and get attacked with a Flash exploit that then escalates with the CVE-2016-0165/7 vulnerabilities from MS16-039.”

Read more: Microsoft Releases Critical Windows, Edge Browser, Office Security Updates
 

nsm0220

Level 21
Verified
Sep 9, 2013
1,054
Microsoft has started this month’s Patch Tuesday update cycle to fix vulnerabilities in its software, and this time, the highlights are Windows, Edge browser, Internet Explorer, and the Office productivity suite.

There are 13 different security bulletins this month, one of which is the Flash Player patch that was released a few days ago and that Microsoft included in its rollout to fix vulnerabilities in Internet Explorer and Edge (both browsers come with Flash pre-installed, so in order to patch flaws, Microsoft has to deliver fixes through Windows Update).

Out of the 12 remaining updates, there are 6 critical updates fixing flaws in Windows, Internet Explorer, Office, and Edge browser. The rollout is targeting remote code execution flaws and escalation of privilege and includes updates that require a restart, so IT admins should have this in mind when starting deployment.

Windows users, prioritize this update!
For Windows users, the most important update that needs to be installed ASAP is MS16-039, which comes to address flaws related to a graphics component in the operating system. Absolutely all versions of Windows are affected, starting with Vista and ending with 10, as well as Office 2007 and 2010, .NET, Skype, and Lync.

“The two 0-days are contained with the Windows portion and both allow for the escalation of privilege from a normal user to administrator. In real life they will be paired with an exploit for a vulnerability that gets the attacker on the machine such as the Flash Player flaw,” Wolfgang Kandek, CTO of Qualys, explains.

“In that type of scenario, your user would go to a normal website and get attacked with a Flash exploit that then escalates with the CVE-2016-0165/7 vulnerabilities from MS16-039.”

Read more: Microsoft Releases Critical Windows, Edge Browser, Office Security Updates
Btw what is the update code so i don't install MS spyware.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top