27 vulnerabilities: The amount of vulnerabilities that were resolved with the round of security patches in Microsoft’s latest Patch Tuesday. Windows, Microsoft Office, Internet Explorer, the Edge browser, and more, were all affected. It’s important to patch these vulnerabilities as soon as possible, especially if you haven’t done so already.
However, if you’ve already applied the latest security patches, you have little to fear. We thought we’d share some background information on the nature of the vulnerabilities, and why Microsoft had to patch them in the first place. If you haven’t yet applied these patches, it will be good to know what you’re exposing your systems to, and why it’s important to get them fixed.
For Microsoft Office, Internet Explorer, and Edge, they are critically in danger of being exploited remotely through web pages or Office documents. This could allow hackers to execute malicious code and do your business harm. Read more about these patches on Microsoft’s security bulletin:
Patch for Microsoft Office: MS16-099
Patch for Internet Explorer: MS16-095
Patch for Edge: MS16-096
Even more critical vulnerabilities were found to affect Windows, Microsoft Office, Skype, and Lync, which have to do with the Windows Graphics Component. This could allow hackers to execute malicious code through malicious web pages or documents.
Patch for Windows, Microsoft Office, Skype, and Lync: MS16-097
In another security bulletin, Microsoft claims that a critical remote code execution flaw exists in Windows PDF Library, which is bundled with Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2012, and Windows Server 2012 R2. This vulnerability affected Edge in a different way from usual, and allows attackers to take advantage of malicious PDF documents hosted on a website, and then trick users to loading the file within their Edge browser.
Patch for Windows PDF Library: MS16-102
Other patches that have been flagged by Microsoft as “important,” rather than “critical,” can be found below. However, it’s important to note that even if they aren’t critical, they certainly shouldn’t be ignored.
MS16-101
MS16-100
MS16-098
If you haven’t yet updated your system with these security patches, you should reach out to Directive at (607) 433-2200. Our technicians will work with you to ensure that your systems are protected and patched against the myriad of threats that can be found both online and offline.
Of course, if you already have Directive’s remote monitoring and maintenance services, chances are that your systems have already been patched. In fact, we apply the patches for any product of Microsoft, so that you don’t have to. It’s just one way that managed IT service can help your business stay focused on what really matters.
Comments