Microsoft Releases May 2016 Security Updates for Windows, Office, Edge Browser
Microsoft has released this month’s Patch Tuesday updates to fix vulnerabilities in a wide array of software solutions, including Windows, Internet Explorer, Edge browser, and the Office productivity suite.
There are 8 critical security updates this month, one of which is provided by Adobe and meant to fix vulnerabilities in Flash Player, but which Microsoft ships as part of its Patch Tuesday cycle via Windows Update in order to patch address flaws in IE and Edge browser.
All critical updates are aimed at correcting Remote Code Execution vulnerabilities that require users to manually open a compromised website or document in order to enable the attacker to obtain the same privileges as the logged-in Windows user.
MS16-051 and MS16-052 are two of the critical security updates that are specifically aimed at Internet Explorer and Microsoft Edge browsers, bringing fixes on all Windows versions currently supported by Microsoft. The company recommends everyone to deploy them as soon as possible, especially if using these browsers on a daily basis.
Prioritize the IE patch
Microsoft’s Graphics Component gets patched with MS16-055, while MS16-056 brings security fixes for Windows Journal. Lastly, MS16-057 is a security update for Windows Shell that protects users against a vulnerability which involves forcing the user to browse to a specially crafted website that accepts user-provided online content or to open content distributed via email or other methods.
The first patch that needs to be installed in MS16-051, which patches a critical RCE vulnerability that’s already being exploited in the wild.
Overall, this Patch Tuesday rollout addresses more than 100 flaws in Microsoft’s software solutions and services, so it’s critical for customers to install them as soon as possible.
Source | SoftPedia