Patch Tuesday November 2015: Microsoft releases 12 fixes, 4 rated critical

For Patch Tuesday November 2015, Microsoft released 12 security bulletins, four rated as critical and the remaining 8 rated as important.

Rated Critical

MS15-112 is the cumulative fix for remote code execution flaws in Internet Explorer. Microsoft lists 25 CVEs, most of which are IE memory corruption vulnerabilities. 19 are called Internet Explorer memory corruption vulnerabilities, with three CVEs labeled slightly different as Microsoft browser memory corruption vulnerabilities. Of the remaining CVEs, one involves Microsoft browser ASLR bypass, one is for an IE information disclosure flaw, and one is a scripting engine memory corruption vulnerability. You should deploy this as soon as possible.

To read this article in full or to leave a comment, please click here

Network World Security