Hello, welcome to the Wednesday, June 15th, 2016 edition of Sands and the Storm Center's Stormcast.

My name is Johannes Orich, and today I'm recording from Washington, D.C.

Today, of course, we got Microsoft's patch Tuesday to keep us busy with for the next five minutes.

A total of 17 bulletins were released, five of

which Microsoft rated as critical.

However, according to Microsoft, none of the vulnerabilities patch today are currently being

exploited.

To start out with, we got our typical cumulative security update for Internet Explorer, MS163.

The numbering is a little bit odd here. Microsoft did skip that number a couple months ago.

That month they did have an Internet Explorer update, so I guess they just felt it's time to finally use this

number. Next for Microsoft Edge of course we also have an update MS 1668 just

like we do for Innet Explorer I do see that a couple of the vulnerabilities are overlapping between these browsers.

The third critical update is MS1669.

Also a monthly favorite, that's the cumulative security update for JScript and VB script.

This only affects older versions of Windows.

For more recent versions of Windows, you do have these vulnerabilities addressed in the

Internet Explorer or the Edge Patch.

MS-1670 is the usual security update for Microsoft Office,

but after that it's getting more interesting.

MS-1671. This is the bulletin I am most worried about.

It fixes a single vulnerability in Microsoft's DNS server, and according to

Microsoft, this vulnerability does allow arbitrary code execution in the DNS server if the DNS server

...