Microsoft released a total of eight security updates today; two are listed as critical and remediate critical remote code execution (RCE) flaws, while two others are listed by Microsoft as important fixes for less severe RCE vulnerabilities.
Critical updates
The two critical security updates,according to Network World, fix a combined total of 25 vulnerabilities:
- The first patch –MS15-056– is "a cumulative security updater for Internet Explorer [and] ... fixes 24 vulnerabilities [alone]." In Microsoft's official release, it explains that the patch fixes flaws in IE by "preventing browser histories from being accessed by a malicious site; adding additional permission validations to Internet Explorer; and modifying how Internet Explorer handles objects in memory."
- The second patch –MS15-057– "fixes a hole in Windows that could allow remote...