The year's first release contains 9 bulletins, 7 remote code execution (RCE), an elevation of privilege and spoofing vulnerability. The critical bulletins (MS15-001, MS15-002, MS15-003, MS15-004, MS15-005, MS15-006) are comprised of remote code execution vulnerabilities affecting a variety of products and platforms including Edge, Internet Explorer (7 and onwards), Excel Viewer, Office, SharePoint Server, Silverlight, Word Viewer, VBScripting engine and all supported releases of Microsoft Windows.

This month Microsoft resolves 24 vulnerabilities across 9 bulletins with MS16-001, MS16-002, MS16-006, MS16-007 as the bulletins to watch out for, addressing 11 vulnerabilities. Since a wide range of products are affected this month almost all Microsoft users should be on alert. Fortunately no vulnerabilities are known to have been exploited.

Users should be wary of untrusted sources as maliciously crafted content could allow an attacker to remotely execute code to gain the same rights as your user account. Your best protection against these threats is to patch as quickly as possible.

Resolved Vulnerability Reference: