On the 8th Day of December, Microsoft Sent to Me: 12 Bulletins!

This month’s Patch Tuesday lists 12 bulletins that resolve more than 70 individual vulnerabilities. Eight of these bulletins are rated “Critical,” and the remaining four are rated “Important.”

There are 10 vulnerabilities marked as Remote Code Execution, which are usually exploited through your users. I recommend extra vigilance during the holiday season when hackers aim to exploit your environment with a large number of enticing online games, such as “Elf Bowling.”

I highly recommended that you make MS15-124 through MS15-131, with particular emphasis on MS15-131, a priority for your remediation cycle this month. This recommendation is justified by combining the vendor severity, independent CVSS score, vulnerability impact and current exploits.Since the vulnerabilities in this latest release all have a “High” CVSS rating, I recommend deploying all updates as soon as possible to ensure peace of mind.

1. MS15-124 is one of the usual suspects affecting Internet Explorer on all versions of Windows. It has been marked as Critical and requires a reboot to resolve this vulnerability.

2. MS15-125 is a critical Remote Code Execution vulnerability affecting Microsoft Edge on Windows 10 and requires a reboot to resolve this vulnerability.

3. MS15-126 is a critical Remote Code Execution vulnerability for the VB scripting engine on Windows Vista, Windows Server 2008 and Windows Server 2008 R2 core edition. It may require a reboot depending on how many updates are installed at the same time.

4. MS15-127 is a critical Remote Code Execution vulnerability for Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2. It requires a reboot to resolve this vulnerability.

5. MS15-128 is a critical Remote Code Execution vulnerability for all versions of Windows Office 2007, Office 2010, some versions of .NET Framework, Skype for Business 2016, Lync 2010, Lync 2013, Live Meeting 2007 Console, Silverlight 5 and Silverlight 5 Developer Runtime. This patch requires a reboot, and due to the amount of technology this vulnerability can exploit, it’s wise to pay extra attention to this one.

For those who are still using versions of Lync before 2013, pay close attention to MS15-128. It may upgrade Lync to Skype for Business. You want to be careful and avoid spending many hours restoring your Lync services after receiving unexpected upgrades.

6. MS15-129 is a critical Remote Code Execution vulnerability for Silverlight 5 and Silverlight 7 Developer Runtime. It does not require a reboot.

7. MS15-130 is a critical Remote Code Execution vulnerability for Windows 7 and Windows Server 2008 R2. It requires a reboot.

8. MS15-131 is a critical Remote Code Execution vulnerability for Office 2007, Office 2010, Office 2013, Office 2013 RT, Office for Mac 2011, Office 2016 for Mac, Office Compatibility Pack SP3 and Excel Viewer. Although this covers a large amount of Microsoft real estate, it does not require a reboot.

Some of these vulnerabilities are coming under attack from active exploits. Microsoft Office users should make MS15-131 the first patch to consider applying without delay. Active exploits are more likely to be the ones that attackers use to compromise your network.
9. MS15-132 is an important Remote Code Execution vulnerability for all versions of Windows and may require a reboot.

10. MS15-133 is an important Elevation of Privilege vulnerability for all versions of Windows and may require a reboot.

11. MS15-134 is an important Remote Code Execution vulnerability affecting Media Centre on Vista and Windows 7, 8 and 8.1. It may require a reboot.

12. MS15-135 is an important Elevation of Privilege vulnerability for all versions of Windows and requires a reboot.This month is one of those times when you need to ignore the Microsoft Severity Rating and go with the opinion of industry experts.

I strongly advise this patch be deployed as quickly as possible. The vulnerability is present in all supported versions of Windows and could allow Elevation of Privilege if an attacker targets a system with a carefully crafted application.

Read the full article at channelpartners.com.