Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution.
Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
January 14, Microsoft released patches to address these vulnerabilities. OIT will be pushing patches to OIT-supported servers, applications and workstations in the coming days.