Yesterday, during Microsoft’s latest Patch Tuesday, the company released important security updates for Windows, Internet Explorer, Edge and the .NET Framework. In total the Redmond software giant fixed 40 security leaks in 13 security bulletins. Five of the updates have been marked critical.
Vulnerabilities fixed by these updates allowed an attacker to execute random code on computer. Thirteen of the 40 leaks that were closed concerned Internet Explorer while in its successor and default browser in Windows 10, Edge, 11 vulnerabilities were patched. Also in Office several vulnerabilities were patched that allowed an attacker to infect a computer with malware when an user opened a malicious Office document.
Microsoft also patched a vulnerability that allowed an attacker to elevate his privileges on the computer using a specially prepared USB device. The vulnerability existed in the Windows USB driver which allowed an attacker to execute random code in kernel mode.
Previous months Microsoft also resolved several zero-day leaks, which are vulnerabilities already known or attacked before updates were released. This month there were no such leaks according to Microsoft.