Microsoft released six (6) bulletins. Three (3) bulletins are identified as Critical and the remaining three (3) are rated Important in severity.
The updates address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Server Software, Microsoft Edge and Internet Explorer.
Details about the CVEs can be found in the below-referenced TechNet Security Bulletin. Also see the The monthly patch review – October, 2015 by Dustin Childs -- picking up where MSRC has left us hanging.
- MS15-106 Cumulative Security Update for Internet Explorer (3096441)
- MS15-108 Security Update for JScript and VBScript to Address Remote Code Execution (3089659)
- MS15-109 Security Update for Windows Shell to Address Remote Code Execution (3096443)
- MS15-107 Cumulative Security Update for Microsoft Edge (3096448)
- MS15-110 Security Updates for Microsoft Office to Address Remote Code Execution (3096440)
- MS15-111 Security Update for Windows Kernel to Address Elevation of Privilege (3096447)
Additional Update Notes
- MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. The updated version includes detection for the following families: Tescrypt, Blakamba, Diplugem, Escad, Joanap, Brambul and Drixed. Details are available in the MMPC Blog Post.
- Windows 8.x and Windows 10 -- Non-security new features and improvements for Windows 8.1 and Windows 10 are included with the updates.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...