Microsoft today released security updates for its software due to the latest news on vulnerabilities in CPUs from Intel, AMD and ARM. This is outside the company’s regular ‘Patch Tuesday’ cycle where the software giant releases patches each second Tuesday of the month.
Together with January’s upcoming Patch Tuesday, information about the “Meltdown” and “Spectre”attacks was planned to be disclosed. These attacks exploit vulnerabilities in modern CPUs from all major vendors. However, because the researchers who discovered the attacked decided to publish their findings yesterday, Microsoft had to roll out its patched a week earlier than scheduled.
In total 32 different vulnerabilities in Windows, Edge and Internet Explorer 11 were patched. In case of Edge and Internet Explorer the vulnerabilities are marked critical. They allowed an attacker to take control over the system when the user visited a hacked or malcious website or viewed a malicious advertisement.
The vulnerabilities in Windows are less critical and allowed an attacker to retrieve information or to elevate his rights on an already compromised system.
As usual, the updates are automatically installed through Windows Update for most users.