Microsoft today released a new set of cumulative updates for Windows 10 PCs that run the May 2019 update and earlier. Two weeks after "Patch Tuesday" updates this month, the latest versions focus on solving a single security issue with Internet Explorer.
The solution for Internet Explorer is the only thing included in these updates. Specifically, as noted in the Microsoft release notes, the updates focus on correcting a remote code execution vulnerability in all versions of Windows 10, except version 1511. Here is a description of the problem, in the Guide Microsoft Security Update:
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could obtain the same user rights as the current user. If the current user has logged in with administrative user rights, an attacker who has successfully exploited the vulnerability could take control of an affected system. An attacker could install programs; view, change or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially designed website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
The security update addresses the vulnerability by modifying the way the scripting engine handles objects in memory.
These updates are optional, but should be included as part of Microsoft's next "Patch Tuesday" round. Cumulative updates in October.
We can earn a commission for purchases using our links. Learn more.