Microsoft Patch Tuesday – October 2016
Patch Tuesday has once again arrived! Microsoft’s monthly release of security bulletins to address vulnerabilities provides fixes for 37 newly disclosed security flaws. Today’s release sees a total of 10 bulletins with five of the bulletins rated critical, addressing vulnerabilities in Edge, Graphics Component, Internet Explorer, Video Control, and Adobe Flash Player. Four bulletins are rated important and address flaws in Office, Windows Diagnostic Hub, Windows Kernel-Mode Drivers, and Windows Registry. One bulletin is rated moderate and addresses a flaw in Microsoft Internet Messaging API.
Bulletins Rated Critical
The following bulletins are rated critical: MS16-118, MS16-119, MS16-120, MS16-122, MS16-127
MS16-118 and MS16-119 are this month’s bulletins for Internet Explorer and Edge respectively. The Internet Explorer bulletin fixes 11 vulnerabilities while the Edge bulletin fixes 13 vulnerabilities. Seven vulnerabilities were found to affect both Edge and IE. The majority of the vulnerabilities fixed are memory corruption flaws that could lead to arbitrary code execution. Several privilege escalation and information disclosure flaws were also fixed in this month’s release.