As if to say, "I'm not dead yet," Microsoft's update servers delivered a heaping helping of Patch Tuesday fixes today, for Windows, Office, the .NET Framework, and Silverlight. On a Windows 8.1 System, I counted 19 updates for Windows, and a separate Windows 7 test system included 14 updates for Windows, another 11 for Office 2010, and an updated version of Silverlight.
Three of today's security updates were rated Critical. None of today's vulnerabilities are listed as being actively exploited at this time.
MS15-043 is a cumulative update for Internet Explorer that fixes 22 separate vulnerabilities, including 14 memory corruption vulnerabilities.
MS15-044 fixes a pair of vulnerabilities in the OpenType and TrueType font rendering code that can be exploited in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, and Microsoft Silverlight. The TrueType vulnerability includes the possibility of remote code execution.
MS15-045 patches a remote code execution vulnerability in the obscure Windows Journal program, which is installed by default in all supported client versions of Windows. Windows Server versions are only affected if the Windows Journal program is installed by enabling Desktop Experience features.
For desktop systems that have Automatic Updates enabled, today's updates will be installed (with a mandatory restart for some) in the normal overnight update window. Despite the daunting number of individual updates, the total size of the update package is relatively small--well under 200 MB on an otherwise up-to-date Windows 8.1 installation and under 250 MB for a system running Windows 7 plus Office.
The accompanying Knowledge Base articles indicate that several of today's security fixes will be available in the next few days for systems running the Windows 10 or Windows Server previews.