Microsoft's monthly Patch Tuesday security bulletin summary shows 12 security bulletins today, eight of which are rated Critical. SANS Institute draws out MS15-127/KB 3100465 (a DNS hole on Windows Server) as particularly noteworthy, but lists only one known exploit for all of the new patches -- albeit for an "important," not "critical" patch.
Then there's Windows 10. Microsoft has started pushing KB 3116900 on machines running Windows 10 version 1511, the Fall Update/Threshold 2 version. The KB article (newly available) says it includes security updates for MS15-124, MS15-125, MS15-126, MS15-128, MS15-132, MS15-133, and MS15-135. In other words, almost all of the security holes fixed this month also affected Windows 10. MS15-125, an Edge patch, only applies to Windows 10.
Worthy of note: This CU boosts the winver version number (type "winver" in the Cortana Search box and press Enter) from 10586.17 to 10586.29.
Here are the five cumulative updates we've seen for Win10 version 1511, all in the past three weeks:
- Version 1511 (OS Build 10586), released Nov. 12, is the first version 1511 -- the one that raised the old RTM build 10240 version of Win10 to the November Update/Threshold 2 level
- Cumulative Update 1, KB 3105211, brings the build number up to 10586.3
- Cumulative Update 2, KB 3118754, Nov. 18, goes to build 10586.11
- Cumulative Update 3, KB 3120677, Nov. 24, sets build 10586.14
- Cumulative Update 4, KB 3116908, Dec. 2, runs up to build 10586.17
- Cumulative Update 5, KB 3116900, Dec. 8, build 10586.29
More details when the offal starts hitting the fan.