The first major security patch of 2016 from Microsoft includes six "critical" and four "important" fixes.
Microsoft has released the first security bulletin of 2016. Six of the new patches are rated "critical" on the company's severity scale, and address security issues in Internet Explorer, Edge, Office, Silverlight, and two within Windows. The "important" patches address Windows and Microsoft Exchange. The Explorer and Edge bugs affect primarily administrators, and can allow an attacker to gain control of certain privileges after the user accidentally visits a malicious webpage. The patch is preventative, as there are no known occurrences of this exploitation so far. The Windows vulnerabilities include flaws in VBScript and memory object handling. The Microsoft Office patch fixes a vulnerability that could affect the program if a user opened a malicious email. The Silverlight vulnerability can affect both Windows and Mac, but according to Microsoft, it is also unaware of any exploitation of this particular weakness.
Microsoft released a slew of critical security patches last month, bringing 2015's patch count to over 130, representing an enormous increase from 2014's 85 patches. But the company will certainly have fewer bug fixes for Internet Explorer throughout the remainder of 2016; support for IE versions earlier than the last edition has finally been cut after over a year of end-of-support announcements. However, this is not necessarily good news; for the users who still operate these now outdated browsers, security is going to become a serious issue in the next few months as attackers take advantage of the lack of support and bug fixes.
Photo: © iStock.