Microsoft's January 2016 patch summary includes 9 important fixes for Win10/Win8.1/Win7

January 13 news, Microsoft today pushed the user's first wave of security updates in the early morning of this year, and has announced the details of this month's update. In January 2016, there were 9 security updates, of which the first 6 were serious and the remaining 3 were important.

Affected operating systems and components include: Windows Vista, Win7, Win8, Win8.1, Win10, Windows Server 2008/2012 (R2), and Windows RT and Windows RT 8.1 for tablet devices. Includes software and services such as Microsoft Office 2007/2010/2013/2013 RT.

It is recommended that users download and install updates from Windows Update in a timely manner.

Summary of Security Updates for January 2016:

1, Cumulative Security Update for Internet Explorer (3124903)

This security update fixes in Internet Explorer Vulnerabilities. More serious vulnerabilities could allow remote code execution when a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged in with administrative user rights, an attacker who successfully exploited the vulnerability could control the affected system. An attacker can then install programs; view, change, or delete data; or create new accounts with full user rights.

2, Cumulative Security Update for Microsoft Edge (3124904)

This security update resolves vulnerabilities in Microsoft Edge. If a user views a specially crafted web page using Microsoft Edge, all vulnerabilities could allow remote code execution. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers with accounts configured to have fewer system user rights are less affected than customers with administrative user rights.

3, JScript and VBScript Cumulative Security Updates for Remote Code Execution (3125540)

This security update resolves a vulnerability in the VBScript scripting engine for Microsoft Windows. This vulnerability could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged in with administrative user rights, an attacker who successfully exploited the vulnerability could control the affected system. An attacker can then install programs; view, change, or delete data; or create new accounts with full user rights.

4. Microsoft Office Security Update for Remote Code Execution Vulnerability (3124585)

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution when a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. Customers with accounts configured to have fewer system user rights are less affected than customers with administrative user rights.

5, Windows Kernel-Mode Driver Security Update for Remote Code Execution (3124584)

This security update resolves vulnerabilities in Microsoft Windows. A more serious vulnerability could allow remote code execution if a user visits a malicious website.

6. Silverlight Security Update for Remote Code Execution Vulnerability (3126036)

This security update resolves vulnerabilities in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. An attacker could not force a user to visit a compromised website. Instead, you must be tempted to access it, usually by having the user click a link in an email or instant message to go to the attacker's website.

7. Microsoft Windows Security Update for Remote Code Execution Vulnerability (3124901)

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker could log in to the target system and run a specially crafted application.

8.Windows Kernel Security Update for Fixing Elevation of Privilege Vulnerability (3124605)

This security update resolves vulnerabilities in Microsoft Windows. These vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.

9. Microsoft Exchange Server Security Update for Fixing Spoofing Vulnerabilities (3124557)

This security update resolves multiple vulnerabilities in Microsoft Exchange Server. The most serious of these vulnerabilities could allow spoofing if Outlook Web Access (OWA) does not properly handle web requests and clean up user input and email content.

Microsoft's KB3124263 cumulative update for Windows 10 today includes three of the above updates, in addition to two other updates.