Microsoft Released Security Updates for Multiple Products

On Tuesday, Microsoft released security updates to address 61 vulnerabilities in various Microsoft products, including a zero-day vulnerability (CVE-2017-0199) that is reportedly being actively exploited to spread malware. Successful exploitation of some of these vulnerabilities could allow a remote attacker to execute code on an affected system. The NJCCIC recommends all users and administrators review Microsoft’s Security Update Guide for a full list of vulnerabilities, review US-CERT’s Vulnerability Note VU#921560and apply all necessary updates as soon as possible.

The security updates impact the following Microsoft products: Edge browserInternet Explorer (9, 10, 11); Microsoft Office (2007, 2010, 2013, 2016); Silverlight 5 (for Windows, Developer Runtime for Windows); Windows Server (2008, 2008 R2, 2012, 2012 R2, 2016); Windows Server Core Installations (2008, 2008 R2, 2012, 2012 R2, 2016); Windows Vista (7, 8.1, RT 8.1, 10); Visual Studio for Mac; and .NET Framework.