Microsoft has released 9 security updates that fix 25 vulnerabilities in Windows, Internet Explorer, Office, Silverlight, the Edge browser, Visual Basic and Exchange server. The updates were released as part of Microsoft's Patch Tuesday, the first in 2016. Amongst the vulnerabilities were also several zero days.
Six of the Security Bulletins are marked as critical which means an attacker can use these vulnerabilities to take full control over the computer. The critical leaks were in Windows, Office, the Edge browser, Internet Explorer, Silverlight and Visual Basic. The other vulnerabilities allow an attacker with access to the system to elevate his rights. Another vulnerability made it possible to perform spoofing attacks on Exchange users.
The zero days leaks, vulnerabilities which were public before Microsoft released a patch, were found in Office and Internet Explorer. Three others were found in Windows.
The first Patch Tuesday of 2016 also included the latest patch for older Internet Explorer versions and Windows 8.
