Microsoft Releases Patch Tuesday Windows Update Fixing 14 Security Flaws Including The 0-Day Found By Google
Speaking of business, the advice to update is imperative for those managing user PCs in the enterprise, as this rollout of patches includes a fix for a huge bug Google disclosed one week ago. This bug, called CVE-2016-7255, is a local privilege escalation flaw that is particularly dangerous, as it's been proven to be actively exploited. If you don't want to download all of the new updates in one fell swoop, make sure you snag at least this one.
While it could be argued that this particular bug should have been spotted ages ago, it's great to see that Microsoft wasted no time in squashing it - releasing the fix a mere week later. That's a lot better than 90 days, as we've seen in the past.
Other fixed bugs include 10 that affect Microsoft Office, three previously disclosed ones for Internet Explorer and Edge, and three other critical vulnerabilities affecting Windows. These include an open type font flaw that could be exploited if someone visits a malicious website, as well as a DLL loading issue with Task Scheduler that could lead someone to take control over a machine.
In case we were not clear enough above: update. Some Patch Tuesday rollouts might not seem that important, but this one certainly is.