Microsoft Patch Tuesday To Bring Zero-Day Vulnerability Fix And Other Critical Updates

We're coming up on the second Tuesday of the month, which is when Microsoft rolls out a collection of security updates for Windows and Internet Explorer. Otherwise known as "Patch Tuesday," the one that's coming up tomorrow will be relatively light compared to previous ones as it contains only five security bulletins, however two of them are deemed Critical and three Important, and several of them require a restart.

The first Bulletin addresses a zero-day vulnerability affecting IE versions 9 and 10, along with other security fixes for IE versions 6 through 11. This one is deemed Critical because of the zero-day exploit identified by FireEye last month, which was used to infect the U.S. Veterans of Foreign Wars website and other government portals.

Windows Update

Bulletin number 2 is also Critical -- it affects almost all versions of Windows from XP through 8.1 and, if left unpatched, would allow an attacker to take control of a PC remotely.

The remaining Bulletins -- 3 through 5 -- are all labeled as Important, the first two of which require a restart. One of them deals with an Elevation of Privilege exploit found in Windows, and the other two address Security Feature Bypass vulnerabilities present in Windows and Silverlight.