Microsoft today released 13 bulletins (plus one bulletin from Adobe for Flash). 5 of the Microsoft bulletins and the Adobe Flash bulletin are rated critical. A number of the vulnerabilities have either already been publicly known or have already been exploited:
MS16-129 and MS16-142 (Internet Explorer): An information disclosure vulnerability (CVE-2016-7199) has already been publicly disclosed, but has not been exploited yet. The vulnerability can leak information cross-origin. In addition, there is a spoofing vulnerability that only affects Microsoft Edge that has been publicly disclosed (CVE-2016-7209).
MS16-132 (Microsoft Graphics Component): This is yet another OpenType font issue (CVE-2016-7256). It has already been exploited and I labeled this bulletin as "Patch Now". The vulnerability can be used for remote code execution.
MS16-135 (Kernel Mode Drivers): A Win32k privilege escalation vulnerability (CVE-2016-7255) has already been publicly disclosed and exploited. This one is a bit odd in that it sounds like what Google released as CVE-2016-7855. Trying to clarify if this is a typo.
Full details: https://isc.sans.edu/mspatchdays.html?viewday=2016-11-08
Note that Microsoft didn't use the first two bulletins for the usual Internet Explorer and Edge cumulative updates. Instead, the first bulletin (MS16-129) is used for Edge, and the last one (MS16-142) is used for Internet Explorer. The Flash update uses the next-to-last bulletin (MS16-141).
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.