InShortViral: Microsoft Windows Manufacturer released the first set of security updates, 2016. Experts point most urgent patches.
[dropcap]M[/dropcap]icrosoft released on Tuesday (12/01) his first 2016 security patch update, which includes patches critical remote execution of code flaws in Windows, Office, Edge, Internet Explorer, Silverlight, and Visual Basic.
The company also resolved remote code execution vulnerabilities and privilege elevation in Windows and address failure in Exchange Server, which were classified as important, not critical. In total, Microsoft issued nine security bulletins covering patches for 24 vulnerabilities.
Microsoft fixes critical flaws in Windows, Office, Edge, IE and other products
According to the CTO of security firm Qualys, Wolfgang Kandek, administrators should prioritize security bulletin MS16-005, especially for systems running Windows Vista, 7 and Server 2008. This patch fixes a remote code execution vulnerability tracked as CVE -2016-0009 that was revealed publicly, and may increase the incidence of attacks.
The second major release, according to Qualys is MS16-004, which fixes six vulnerabilities in Office. This bulletin is rated critical, which has been something unusual for Office in the recent past.
Already researchers from security firm Tripwire believe that patches of IE browsers and Edge should be high on the priority list as correct vulnerabilities could be remotely exploited by malicious or compromised Web sites. These patches are covered in MS16-001 and MS16-002 bulletins and will be the last version received by 8:10 of Internet Explorer – IE9 will continue to be supported in Windows Vista and Windows Server 2008 SP2.
This month’s security updates are also the last to Windows 8, which will cease to receive support from Microsoft going forward. System users will need to upgrade to Windows 8.1 or 10 to continue receiving security updates.