Remote code execution flaws eliminated in several products
The Redmond giant announced on Thursday that there are nine security bulletins available for this month’s Patch Tuesday, the one for Internet Explorer receiving a critical severity rating and vulnerability impact.
Administrators at IT shops, big and small, have been notified that this month they should be prepared to apply a new set of fixes that address remote code execution (RCE) vulnerabilities in Microsoft’s Internet Explorer versions 6 through 11, running on different editions of Windows.
Internet Explorer is not the only product patched against remote code execution
The bulletin bundling all the patches for the web browser has been labeled as "critical" for the security of the product, the default recommendation in this case being to apply the changes as soon as they become available through the Windows Update mechanism.
The RCE type of security flaw allows an attacker to run arbitrary code on the affected machine without having direct access to it. This would enable malicious actors to execute malicious commands on the target system, benefiting from the same privileges as the user account under which the application is running.
