Microsoft Releases Critical Security Updates for Windows
Microsoft has released 13 security patches for this month’s Patch Tuesday, fixing vulnerabilities in Windows, Office, and Internet Explorer. Out of the 13 security patches, 5 are rated as critical and should be installed by every Windows users. These critical patches are essential fixes for vulnerabilities discovered in Windows.
Which Critical Updates to Prioritize?
First, you should prioritize to install MS16-023, which is a cumulative security update for Internet Explorer. MS16-023 is available for all supported Windows editions. Even if you do not use Internet Explorer, you are highly recommended to install this patch as some apps installed on your PC may still rely on the browser to display web-based content.
According to Microsoft, this patch fixes security vulnerabilities in Internet Explorer which could allow an attacker to get the same rights as the logged-in user. The remote code execution flaws can be exploited by tricking users into loading a compromised website. Until you install the patch, make sure to avoid clicking on any links that look suspicious or on them that are from unknown sources.
The second critical patch on the line of deployment, MS16-024 is a must for Windows 10 users. You should install this patch as soon as possible too. MS16-024 is a cumulative security update for Microsoft Edge, the new web browser that has replaced Internet Explorer as the default browser on Windows 10. It fixes a remote code execution flaw that can be exploited with the help of a malicious website. The remote code execution flaws can only be exploited when an attacker loads a compromised website in Edge browser, so if you haven’t installed the update just yet, it’s better not to click on suspicious links coming from unknown sources.
“The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights,” Microsoft explains.
The remaining 3 critical updates that were released today are MS16-026, MS16-027, and MS16-028. These patches fixes remote code execution flaws in Windows. Make sure you install them all.
All the latest updates are available via Windows Update. You may have to reboot your PC after installing the patches to apply them.