Microsoft Patch Tuesday addresses Exchange and Explorer flaws
Internet Explorer and Exchange Server top the list of Microsoft programs needing to be patched by IT administrators this month, now that the company has rolled out its latest round of “Patch Tuesday” security fixes.
Overall, Microsoft has issued seven security bulletins for December, including three that are critical, covering security vulnerabilities found in Windows (both the server and desktop editions), Office, Exchange Server, SharePoint Server and Internet Explorer.
The first bulletins administrators should look at are those that make remote code execution (RCE) possible, said Wolfgang Kandek, chief technology officer for IT security firm Qualys. These patches fix the vulnerabilities in the software that would allow an attacker to execute commands from across a network.