Microsoft has released a number of security updates to address vulnerabilities across all of its Operating Systems. All the vulnerabilities were reported to Microsoft under a responsible disclosure agreement, thus, these are not believed to have been actively exploited by attackers.
- MS16-009: A security update for Internet Explorer 9 through 11 to patch 13 security issues, including remote-code-execution (RCE) and information disclosure issues.
- MS16-011: An update for Microsoft's Edge browser in Windows 10 patches 6 security issues, 4 of which address remote code execution vulnerabilities.
- MS16-012: An update to address two remote-code-execution flaws in Windows PDF Library and Reader for Windows 8.1, Windows 10 and Server 2012. These could allow attackers to run malicious code on an affected system by tricking users into opening a specially-crafted PDF file.
- MS16-013: An update for a memory-corruption flaw that could allow a remote attacker to execute arbitrary code as the logged-in user by tricking a user into opening a specially crafted Journal file.
- MS16-015: An update to patch 6 memory-corruption vulnerabilities in Microsoft Office, each of which could allow a remote attacker to run arbitrary code by tricking a user into opening a specially-crafted Office file.
- MS16-022: A security update for vulnerabilities found in Adobe Flash Player across all supported versions of Windows 8.1, Windows 10, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1.
It is highly recommended to ensure that any systems running any version of the Microsoft Operating System are updated as soon as possible.