Microsoft earlier this week released an array of security patches to fix as many as 49 vulnerabilities including five critical flaws in multiple Microsoft products such as Microsoft Edge, Internet Explorer, and Office.
The company stated that the previous versions of the software four zero-day flaws, meaning those critical bugs were never deliberately exploited hackers. Microsoft didn’t publicly disclose what these flaws were until now.
Among all the flaws, one bug in Internet Explorer was particularly serious as it could enable cyber criminals to assume control of the target system to install programs, access/modify data, or create new user accounts with full administrator privilege without the user’s knowledge.
Meanwhile, a zero-day flaw in Microsoft Edge, dubbed CVE-2016-7189, originated from the browser’s scripting engine. This flaw could technically allow skilled hackers to remotely execute codes on the target machine (although it would require them to convince the victim to first visit a malicious website).
In addition to those, Redmond also released an update designed for enhancing security and reliability issues in Windows 7.8.1, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012-R2.
These new security updates have come at a time when the software giant is reportedly working hard on its forthcoming hardware event scheduled on October 26. Microsoft has already sent out invites for the event that could witness the debut appearance of the new Surface hardware including an all-in-one desktop, and potential upgrades to the Surface Pro and Surface Book line-ups.