14 DAY TRIAL // Microsoft has rolled out 13 different security bulletins as part of this month’s Patch Tuesday cycle, patching flaws in Windows, Internet Explorer, and Edge browser for Windows 10.
Out of the 13 patches, 6 are considered to be critical and address remote code execution (RCE) flaws that could allow an attacker to gain control of a vulnerable computer with a successful exploit.
Specifically, Cumulative Security Update for Internet Explorer (KB3134220) needs particular attention, as it impacts all versions of Microsoft’s old browser.
“This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft explains.
New Flash Player and Windows 10 updates
One of the critical patches is an Adobe Flash Player update for Internet Explorer and Edge users, which also brings vital fixes for those who browse the web and who might thus be exposed to attackers. More information on the new Flash Player version is available here.
Windows 10 users have also received their own share of updates, including the aforementioned cumulative update for Edge browser, which is supposed to fix remote code execution flaws in the browser. Once again, an attacker could compromise a computer by leading users to a malicious website hosting malware or exploits designed to take advantage of the flaws.
Some of these updates require a computer reboot, so IT admins should have this in mind when preparing for deployment. Additionally, with this month bringing so many patches for Internet Explorer and Edge, try not to click any suspicious links that arrive on your PC from unknown sources, at least until you install all the released updates.