14 DAY TRIAL // This month’s Patch Tuesday cycle brought fixes for a total of 45 vulnerabilities in Microsoft software, including Office, Internet Explorer, and Edge browser.
What’s very important to know is that some of the patched security flaws allowed hackers to take control of your system, and this does nothing more than to emphasize how important it is to update computers as soon as possible.
This month, Microsoft finally makes the transition from releasing security bulletins to the new security update guide, which the company says should make it easier for everyone to patch systems. With this new approach, related vulnerabilities and products are grouped together for easier patching, while the previous system relied on individual security bulletins known by the MS format.
Critical security updates
One of the most important security updates landing this month patches the vulnerability documented in CVE-2017-0199 and is aimed at fixing the zero-day flaw in Microsoft Word and WordPad and allowing cybercriminals to deploy malware with a compromised RTF document.
All supported Internet Explorer versions are getting patches for two critical vulnerabilities, namely CVE-2017-0201 and CVE-2017-0202, while Microsoft Edge browser, the new default in Windows 10, is targeted by fixes for three different security flaws (CVE-2017-0093, CVE-2017-0200, CVE-2017-0205), which could allow an attacker to take control of an unpatched system.
All these security updates are shipped via Windows Update and users and IT admins alike are recommended to update as soon as possible, especially because fixes for zero-days are also included. Users who can’t patch right now are advised to avoid opening RTF documents coming from untrusted sources, but also to refuse to click on suspicious links on systems where Internet Explorer or Microsoft Edge is the default browser.
There are no botched updates reported so far, and the update ran smoothly on all systems here at Softpedia, but we’ll be keeping an eye on reports out there and will let you know should a specific update require extra attention.