Hello, welcome to the Wednesday, October 12th, 2016 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida.

Today of course we got Microsoft's patch Tuesday to talk about and I just want to highlight a couple of patches that were released. not a lot of surprises there we do have our

typical explorer and edge roll-up patches we do have patches for office of course as we have

every month and then the other patch are all the sort of well-known components if you have patched

before. I just want to highlight a couple of the vulnerabilities that have already been exploited

in the wild and we have a total of four different vulnerabilities that have been exploited.

Now, I didn't mark all of them as patch now.

What I did instead is, for example, in an explorer, the roller patch, it does fix a vulnerability

that is already exploited in the wild, but the only thing you can do with this exploit is

check if a file exists on a system so I don't consider that severe enough

where I would call this patch now on the other hand for edge the vulnerability

that is being exploited here does allow remote code execution and this is

why for clients I did label it as patch now similar for the vulnerability in the

Microsoft graphics component it also can be used for remote code execution so I did

label it patch and now other than

that like I said no big surprises we also do again have a patch for flash

player that is being rolled out by Microsoft here now we this is not the only

bulletin or patch that Adobe came up with today.

Adobe patched Flash Player, but it also patched the PDF reader, and there's a long list

of vulnerabilities being addressed in that update. As far as patch priorities go, I would

definitely start out with the

...