1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Patch Tuesday: Microsoft released 9 security updates, 6 rated critical, 7 for RCE

Discussion in 'Network World' started by RSS, Jan 12, 2016.

  1. RSS

    RSS New Member Member

    To start off 2016 Patch Tuesdays, Microsoft released nine security bulletins, six of which are rated as critical and seven resolve remote code execution vulnerabilities.

    While that many RCEs don’t set any records, Bobby Kuzma, CISSP, systems engineer at Core Security, said, “It still distresses me. Web browsers are not safe, and everyone should be using some kind of content filtering on their networks. It's like wearing a seat belt. Just do it.”

    Rated critical

    First up is MS16-001, the cumulative fix for flaws in Internet Explorer which an attacker could exploit to gain remote code execution and have the same rights as the user. The patch is meant to modify how VBScript handles objects in memory and to help ensure that cross-domain policies are properly enforced in Internet Explorer.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page