This month, Microsoft includes 12 security bulletins, comprised of 52 CVEs, with five bulletins being rated critical. All five critical bulletins (MS15-094, MS15-095, MS15-097, MS15-098, MS15-099) and MS15-100 are remote code execution issues affecting Internet Explorer, Edge, Microsoft Graphics, Windows Journal, Microsoft Office and Media Center. Users can be affected by the remote execution issues by viewing a specially crafted web page, journal file, office file or media center link (.mcl).

CVE-2015-2506, CVE-2015-2510 and CVE-2015-2545 are Office vulnerabilities actively being exploited in the wild. The positive news is exploitation of these vulnerabilities requires user interaction. As always users should be aware of the document origins whenever they open Office documents, particularly for documents received via email or downloaded from an untrusted online source.

Users, remember to be wary of untrusted sources. Your best bet for resolving these is to get patching quickly.