Following last month’s 12-bulletin release, which included two zero-day patches, today’s Patch Tuesday release is relatively light. Microsoft only released three bulletins to resolve four vulnerabilities affecting Microsoft Windows and Microsoft Office.
Only one bulletin, which resolves vulnerabilities in DirectShow, Windows Media Player, and Windows Media Center, has been rated “critical.” The other two bulletins have been rated “important. ” All three bulletins resolve vulnerabilities that can allow remote attackers to execute malicious code on vulnerable machines.
It is worth noting, however, that the MHTML vulnerability missing from last month’s release remains unpatched. Microsoft continues to offer workaround solutions on how to keep systems safe from possible attacks leveraging this vulnerability.
To keep systems up-to-date, users are advised to visit the related Microsoft pages. For enterprise users, we offer specific solutions to deal with vulnerabilities. Both Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plug-in have existing rules that protect users from the vulnerabilities patched in this month’s release as well as the said MHTML flaw.