Microsoft continuously patches flaws in its software and releases security updates on the second Tuesday of every month. It is unofficially called “Patch Tuesday.” On June 14th, 2016, Microsoft has released 16 security bulletins addressing major security issues in its products. The company patched a total of 44 security flaws, of which five were rated as critical. This rating means that the flaw allows cyber criminals execute code from one computer to another, in other words, remotely control victim’s computer without user’s interaction. When an attacker gets remote access to a compromised computer, he then can steal private victim’s data, download and install malware, and do other illegal activities. To put it shortly, the attacker can control the affected computer with admin rights.
In the past, frauds took advantage of these flaws, and did their best forcing victim’s visit malicious websites via Edge or IE, open infectious Microsoft Office documents, and sending specifically crafted requests to DNS servers. The critical flaws were fixed by releasing security updates for Internet Explorer, Microsoft Edge, JScript and VBScript, Microsoft Office, and Microsoft Windows DNS Server. Microsoft warns users to apply these updates as soon as possible as they are rated as high-priority ones.
If you’re an admin of a Windows Server, you should rush to install the update No. MS16-071, which fixes the flaw in Microsoft’s DNS server. This update changes the way the servers manage the requests. This flaw allowed frauds to compromise several computers at once by hijacking a single PC that is connected to the server, however, for now, this is no longer a problem.
You should regularly install all latest updates released by Microsoft and keep your software up-to-date, as this helps to protect the computer from a remote code execution vulnerability and other security-related issues. If you want to have the most recent Windows updates as soon as they become available, turn on automatic updating.