Microsoft has issued the latest Patch Tuesday security update, releasing 16 fixes for core products including five rated critical.
Internet Explorer is involved, as ever, with a fix for a flaw tagged MS16-063 that could allow remote code execution if a user visits a specially crafted webpage designed to exploit the vulnerability.
The hacker could gain the same rights as the user, including taking control of the system, viewing, changing or deleting data and creating new accounts with full user rights, Microsoft warned.
The flaw is rated critical for IE 9 and 11 on affected Windows Clients and moderate for IE 9, 10 and 11 on affected Windows servers.
The Edge browser also has a critical fix for an almost identical problem.
Qualys CTO Wolfgang Kandek said in a blog post that companies should apply the browser fixes as soon as possible.
“These vulnerabilities represent a favourite attack vector for cyber criminals, and we recommend addressing them in the next seven days,” he said.
However, Kandek added that the most important fix is MS16-071, which affects the Microsoft Windows DNS Server.
“This security update resolves a vulnerability in Microsoft Windows that could allow remote code execution if an attacker sends specially crafted requests to a DNS server,” said Microsoft.
Kandek warned that firms must act quickly to apply this patch. “Successful exploitation yields the attacker remote code execution on the server, which is extremely worrisome on such a mission-critical service as DNS,” he said.
“Organisations that run their DNS server on the same machine as their Active Directory server need to be doubly aware of the danger of this vulnerability.”
The other notable critical fix is for Office, and again could allow remote code execution if a user opens a specially crafted Microsoft Office file.
"An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user," said Microsoft.
The other 11 fixes are rated as important and cover several services, and again the advice is to act quickly on those that have a direct impact.
The current rate of patches being issued Microsoft puts the firm on track for a record year. Kandek noted that the June release brings the half-year total to 81, suggesting a possible 160 by the end of the year.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago