Microsoft released 49 security patches for October, including updates for vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server. Of these, 12 updates are considered critical, 35 are important.
Here are the highlights from this month’s release with the information you need to prioritize your patching efforts.
Patches to Pay Attention To This Month
CVE-2018-8453 – Win32k Elevation of Privilege Vulnerability
This is your top priority this month. It is a vulnerability in Win32k.sys discovered by Kaspersky Lab in August that is under known exploit.
“So far, we detected a very limited number of attacks using this vulnerability. The victims are located in the Middle East,” said Kaspersky in a statement on the vulnerability.”