Windows 10, Internet Explorer, Office Fixes on Patch Tuesday

Microsoft yesterday issued 14 security bulletins, including fixes for the brand spanking new Windows 10. All told, the patches fix 52 vulnerabilities in Windows, Windows Server, Internet Explorer, Office and other Microsoft products. Four of the bulletins are considered critical. Some of the vulnerabilities are being exploited in the wild.

Despite the launch of Windows 10 and all the talk about mandatory updates, Patch Tuesday rolls on. Russ Ernst, director of product management at Heat Software (formerly Lumension), told us this month everyone should pay attention.

EUMicrosoft shared a vulnerability smorgasbord [on Tuesday] -- offering a little something for everyone. From office and browser applications to desktops and servers, Microsoft covered them all with 14 bulletins,EU Ernst said. EUSome are for Windows 10, but the majority are for legacy versions of the OS, as expected. Regardless of the Windows version you are using, itEUs time to patch. Again.EU

Edge Already Updated

One of the vulnerabilities security researchers are talking about most is MS15-085, which addresses a vulnerability in the mount manager that could allow attacks elevated privileges if an attacker inserts a malicious USB device into a target system. According to Microsoft, an attacker could then write a malicious binary to disk and execute it.

But thatEUs not the one you should necessarily patch first. Ernst said MS15-081 should be first on the list. This critical update patches eight vulnerabilities in Office 2007, 2010 and 2013 and exploits are being detected in the wild now. Next, he said IT admins should target MS-079, which is a critical, cumulative update to Internet Explorer that addresses a whopping 13 vulnerabilities. This vulnerability paves the way for remote code execution and the attacker could even gain full user rights to a machine.

EUAnd speaking of Web browsers, if youEUre using Windows 10, Microsoft has also updated their new browser,...

Comments are closed.