Microsoft releases security patches for browsers and Office

During its monthly security bulletin, Microsoft has recommended that all Windows users update their systems to fix two critical security flaws.

The company has released a patch that fixes a number of security vulnerabilities in its new browser Microsoft Edge and its aging browser Internet Explorer.

MS16-001 will fix the most serious flaw discovered by Microsoft. If unpatched it could allow a possible attacker to execute code remotely by tricking an Internet Explorer user into visiting a fake web page. This would give the attacker the same rights as the user allowing them to make serious changes to the system and access their data.

Microsoft Edge also received a hefty update in the form of patch MS16-002 which corrects a flaw that functions in a similar way to the one found in IE and also allows an attacker to remotely execute code after a user visits a custom built fake web page. Tech Previews 3 and 4 of Windows Server 2016 are affected by both of these flaws and require patching.

Microsoft Office received patching as well. MS16-004 corrects a series of memory corruption vulnerabilities in the program which would make it possible for an attacker to gain control of an affected system by exploiting a flaw in the way that Office opens and modifies documents.

In total, Microsoft released 9 patches to rectify important issues across its Windows Platform and its various products. All of these patches will be available through Windows Update and Microsoft Defender and will ensure the protection of Windows users.

Image Credit: Shutterstock / Florence-Joseph McGinn