Microsoft published MS16-039 for all versions of Windows on April 12, 2016. MS16-039 addresses four vulnerabilities, one rated “critical” allowing for Remote Code Execution, three rated “important” allowing for escalation of privilege. Two of the “important” vulnerabilities (CVE-2016-0165 and CVE-2016-0167) are under active attack. In a typical scenario an attacker would use a first vulnerability … Continue reading “Microsoft Windows under active attack”