SP's: Microsoft has issued critical security fixes as a part of this month’s patch Tuesday. Users are advised to download these security updates and make their systems secure.
As a part of this month’s patch Tuesday, Microsoft has rolled out six security updates that fix all the version of Windows. Researchers from FireEye, HP Zero Day Initiative, Verisign, and Trend Micro have contributed in finding and patching this flaw.
Out of the six, three patches are rated as critical, including the patches for remote code execution vulnerabilities JScript engines and VBScript and Internet Explorer rollup.
However, none of these vulnerabilities are being exploited or have been publicly disclosed.
The vulnerability described in the bulletin MS15-106 exists in all version of Windows including Windows Vista, 7, 8, 8.1, and 10. This patch also affects Windows Server and Windows RT.
It should be noted that Microsoft has removed the support cord for Windows XP, so it will bot be getting this patch.
Microsoft describes that the exploit takes place through Internet Explorer. If your haven’t patched your system, make sure that you don’t click on any unknown links coming in your email inbox as they redirect to the websites with malicious code. It should be noted that all the versions of IE are affected.
This flaw allowed the attackers to remotely control any version of Windows, just by making you click on a malicious link.
The MS15-107 is a new patch that affects the new Microsoft Edge browser and fixes information leak and an update for the XSS filter.
These updates come with the Windows update. So, all you have to do is check for Windows update and download them.
Have something to add? Tell us in the comments below.