Yesterday was Microsoft's regular Update Tuesday, and new vulnerabilities were discovered that need updates immediately.
Included in this batch of security patches are five critical updates to popular everyday programs such as Internet Explorer, Microsoft Office and even Microsoft's new browser Edge. So if you are using these programs regularly, make sure you apply them as soon as you can.
The cumulative browser updates (Internet Explorer and Microsoft Edge), in particular, addresses a vulnerability that could allow remote code execution through a malicious webpage. The scary part about this vulnerability is that, once exploited, the attacker could gain the same user rights as the current logged-in user. This means if your system gets compromised while an administrator account is logged in, the attackers could basically do anything they want, like view and delete data, install programs, change passwords, etc.
The Microsoft Office and the Active Scripting patches close similar holes. Remote code execution via poisoned websites could potentially give the attacker full control of your machine. Bad news all around so it is advised that you apply these patches as soon as possible.
The last critical update is another important one, especially for networks who run their own DNS servers. The exploit lets attackers send malicious requests to a DNS server that will allow them to, yes, you guessed it right, execute remote code.
There are 11 other updates rated as "Important" included in yesterday's batch. Of note to the everyday user are the patches to the Microsoft Graphic Component, Microsoft Windows PDF and Microsoft Search Component. The first two address remote code execution through specifically designed websites and the latter resolves a vulnerability that enables denial of service attacks. These patches may be a notch below Critical status, but it is still advised that you apply them as soon as you can.
All in all, these 16 security bulletins address 44 vulnerabilities that hackers may try to exploit.
So as evidenced by the majority of these malicious exploits, be careful with any links you click! Windows typically checks for updates and installs them automatically, but you can run a manual check as well. To do this, go into your Control Panel and click "System and Security." From there, click on "Windows Update," and then "Check for Updates."
An updated operating system is one vital way to be safe and be a step ahead. If your computer is not set to install updates automatically, check out our tip with step-by-step instructions on how to set up Windows Automatic Updates.