Microsoft’s first patch Tuesday for 2016 brings with it six critical updates and three important updates. But perhaps more importantly, Microsoft is discontinuing support for Internet Explorer 8, 9 and 10, as well as Windows 8.0. Windows 8.1; the major update to 8.0 is still being supported.

MS16-001 is the cumulative security update for Internet Explorer 8, 9, 10 and 11. It addresses a remote code execution vulnerability by visiting a specially designed website that gives an attacker current user-level access control. This is more critical if the user is an administrator. This will be the final IE patch for IE 8, 9 and 10.

MS16-002 is an update that mirrors MS16-001 for Microsoft Edge.

MS16-003 is an update to Windows JScript and VBScript that can allow for remote code execution and the ability for an attacker to assume current user-level access control.

MS16-004 is an update that applies to all versions of Microsoft Office (including Mac and RT versions). It addresses a vulnerability that could allow for remote code execution in the context of the current user.

MS16-005 addresses a vulnerability in kernel-mode drivers that can allow remote code execution.

MS16-006 pertains to a vulnerability in Microsoft Silverlight that could allow remote code execution after visiting a malicious website.

MS16-007 addresses a vulnerability in Windows that could allow a remote attacker to log on to a target system and install malicious applications.

MS16-008 is an important update that pertains to Windows Kernel which could allow elevation of privilege if an attacker gains access to a system and runs an application.

MS16-009 was skipped, reportedly due to holdups in testing.

MS16-010 is a vulnerability in Microsoft Exchange Server that could allow spoofing if Outlook Web Access improperly handles web requests.

Skybox’s Vulnerability Center and our built-in vulnerability feed is updated as soon as new vulnerabilities are reported from major software vendors. This gives our users the up-to-date intelligence to help manage vulnerabilities in the context of their network and their current security posture. Request a free 30 day trial of the Skybox Vulnerability and Threat Management solution to see how you can apply this intelligence and get total visibility across your entire network.