You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
As this is the second Tuesday of the month, otherwise known as Patch Tuesday, there is a security update available for Windows that fixes dozens of flaws. One of them is a critical vulnerability in WordPad and Office that could allow a remote attacker to install malware on your machine.
"A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft explains.
What's also interesting here is that you won't find that tidbit in a security bulletin, as would have been the case for every Patch Tuesday prior to today. That's because Microsoft has introduced a new format for these updates in which it now provides details about its patch through its "Security Update Guide."
Now everyone is a fan of the new format. The Register complains that the new system "merely obfuscates discovered vulnerabilities and fixes," and called it "cowardly" in Microsoft's part to bury critical fixes in the new format, including the WordPad patch. Likewise, Zero Day Initiative called it "confusing."
Our take is that it's...different. It takes a bit of digging/clicking to see which flaws are critical, and that's certainly annoying, but the information is still there.
In this case, the Patch Tuesday update contains a laundry list of CVEs in Edge, Internet Explorer, Windows, Office, Visual Studio for Mac, Silverlight, and .NET Framework. If you want to view which ones are marked as Critical, go here and click the Severity checkbox at the top, then click the new Severity column.
