Microsoft yesterday fixed 36 vulnerabilities in Windows, Office, Internet Explorer, Edge and the .NET Framework. The update was part of its monthly Patch Tuesday and also fixed an actively exploited vulnerability in Internet Explorer for which no patch was available before.
In total 15 updates for Microsoft's software were released of which 7 were marked critical. Critical vulnerabilities allow an attacker to take control over a computer without much interaction of the user. An user visiting a malicious or hacked website can be sufficient to exploit it.
This month also 4 zero-day leaks were closed, these are vulnerabilities that are revealed before Microsoft released a patch. The 4 zero-day leaks fixed in this Patch Tuesday were in the .NET Framework and Internet Explorer. The 2 zero-day vulnerabilities in Internet Explorer were actively exploited.
As always it's advised to install the updates as soon as possible. On most computer this will happen automatically through Windows Update.
