Return to normal numbers. Second update of the year sees 13 bulletins, six rated as critical
Microsoft has delivered 13 update bulletins for February, described by one expert as a normal number of updates after January’s relatively light package of just nine bulletins.
This month’s Patch Tuesday update sees six bulletins rated as critical, while the remaining seven are rated as important.
“We are back to normal numbers on Patch Tuesday,” blogged Wolfgang Kandek, CTO of Qualys.
MS16-022 leads our priority list at Qualys for this month,” wrote Kandek. “The update for Adobe Flash (APSB16-04) contains fixes for 22 vulnerabilities, all of them rated as “critical”, i.e. capable of handing the attacker complete control over the target machine.
Kandek’s second placed priority for system administrators is MS16-015. This fixes seven vulnerabilities with Microsoft Office, namely with Word, Excel, and SharePoint.
According to Redmond, “the most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.”
And it seems that Microsoft’s browser software also needs patching, as MS16-009 for Internet Explorer and MS16-011 for Microsoft Edge addresses 13 and 6 vulnerabilities respectively. Microsoft said that the Edge browser vulnerability could allow remote code execution if a user views a specially crafted webpage.
Microsoft it seems has been busy of late patching a number of flaws with the Adobe Flash Player embedded in its browsers.
“One of the best changes this month is that Adobe Flash Player embedded within Microsoft IE and Edge has finally received its own bulletin,” said Tyler Reguly, manager of Software Development at Tripwire.
“Previously, Microsoft updated the same KB on a month by month basis with no defining elements,” Reguly said. “This is a welcome change and hopefully it bodes well for other areas where Microsoft continues to do this.”
Last month Microsoft delivered its final patch update for Windows 8 (but not 8.1), as well as older versions of Internet Explorer.
Microsoft had been warning users for a while now that old IE versions would no longer be supported. January saw the official retirement of Internet Explorer 7 and 8. IE9 and IE10 are only maintained on some specific legacy platforms.
This meant that fans of Microsoft browsers will either have to use Internet Explorer 11 or the new Edge browser.
What do you know about web browsers? Take our quiz!