Microsoft has announced another Patch Tuesday, with this month's updates. Includes updates for Windows, Internet Explorer and Office.
The most important patch on the list is one of Office that fixes an exploit that is already used in "limited attacks" on the Internet.
But let's see in detail what is written in Microsoft's newsletter. On a fully upgraded Windows 8.1 system, there are 12 Important updates of Windows (including the Malware Removal Tool) and an additional 9 updates for Office 2010. For Windows 7, the corresponding list of Patch Tuesday it's a bit longer since it contains 12 Windows updates.
The good news is that in this month's security newsletters, only four updates are classified as critical. The rest are for security issues that are markedly important.
The first critical update is a cumulative security update for Internet Explorer (3038314) (MS15-032). This update addresses 10 separate vulnerabilities and is rated critical for every supported version of Internet Explorer in desktop with versions of Windows and important for servers' IE (where the default configuration makes it harder to exploit).
Η MS15-033 stops a "use after free" vulnerability that could lead to remote code exploitation when opening a "specially constructed" (ie, trapped) Office document. Office 2007. Microsoft says "limited attacks trying to exploit this vulnerability" have been reported on the Internet.
Η MS15-034 encounters a vulnerability in HTTP.sys. Applies to all supported versions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.
The latest critical update MS15-035, is not required on systems running Windows 8.1 or Windows Server 2012, but is applicable to Windows Vista and Windows 7, as well as Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2. Fixes a vulnerability that could allow remote code execution when a user clicks on a maliciously enriched meta file image (Enhanced Metafile or EMF).
Needless to say, the Office update is especially worth applying immediately.