Microsoft have started shipping the monthly updates as part of the newly renamed Update Tuesday cycle, and this time around the company aims to fix a total of 37 flaws in a number of software.
Windows and Internet Explorer are on the list, as are other products like OneNote, SharePoint, .NET, SQL Server and more. Two of the nine security bulletins that are now landing on computers the world over are rated as Critical, with Redmond recommending prioritizing their deployment.
While the remaining seven are flagged Important, as the table above shows.
The software titan has provided the details here, but the Cumulative Security Update for Internet Explorer (KB2976627) fixes a remote code execution issue, and address at least 25 privately reported flaws, along with one publicly exposed vulnerability.
And the second critical patch fixes a problem in Windows Media Center that allows remote code execution on unprotected computers. This, again, is a privately reported issue:
“The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that invokes Windows Media Center resources. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user right.”
This update also brings along the Windows 8.1 August Update as noted here.
As is usually the case, all these fixes are bring delivered to computers via the automated Windows Update feature, meaning no user interaction is required. Microsoft will also release a dedicated ISO that will include all Windows patches later today for IT administrators.