February continues this quarter's trend with the majority of bulletins (7) addressing remote code execution (RCE) vulnerabilities; the remaining 6 evenly address denial of service (DOS) and elevation of privilege. All of the critical bulletins (MS16-009, MS16-011. MS16-012, MS16-013, MS16-015, MS16-022) are remote code execution issues affecting a variety of products and platforms include Edge, Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases of Microsoft Windows (Client and Server).

This month Microsoft resolves 36 vulnerabilities across 13 bulletins, with MS16-009, MS16-011, MS16-012, MS16-015 as the bulletins to watch out for, addressing 24 vulnerabilities. Since a wide range of products are affected this month almost all Microsoft users should be on alert. Fortunately at this time, no vulnerabilities are known to have been exploited in the wild.

Users should be wary of untrusted sources as maliciously crafted content could allow an attacked to remotely execute code in-order to gain the same rights as your user account. Your best protection against these threats is to patch as quickly as possible. Administrators, be sure to review this month's bulletins and in accordance with your specific configuration, prioritize your deployment of this month's updates. At a minimum, ensure to patch systems affected by critical bulletins.

Resolved Vulnerability Reference: