This month’s Patch Tuesday fell on the 14th this month and Microsoft delivered 11 patches with four of them rated critical. The first critical fix addresses multiple issues in Internet Explorer.
The second focuses on similar issues for Office. The third critical fix (MS15-034) is for an issue that “could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system”. The final critical fix addresses a vulnerability in a core graphics component that could be used to hijack browser sessions.
Given that there are critical fixes for HTTP issues both on the client side and on the server side, Windows sysadmins will want to deploy these patches as soon as possible.
See Microsoft’s official bulletin for complete details.