Patch Tuesday Brings Badlock Bulletin and Zero Day Fixes
Experts warn admins not to be distracted by overhyped bug
Although eight CVEs are associated with Badlock, experts have largely
concluded it is not as bad as expected – in fact, the bulletin assigned
to it (MS16-047) is only rated “important” by Microsoft.
The main CVE associated with it – CVE-2016-0128 – is a man-in-the-middle
attack on specific RPC traffic, which should be patched “as soon
as possible,” according to Trustwave threat intelligence manager Karl
Sigler.
“However, I can't say that this vulnerability rises to any level that
deserves the focus that a dedicated website and three weeks of build-up
have given Badlock,” he added.
“Researchers need to step back and look at their findings as
sysadmins might, as an attacker might, because these celebrity
vulnerabilities have become shiny objects drawing attention and
resources away from more serious threats.”
Of the critical bulletins, two deserve special attention as they address zero day threats.
MS16-050 takes care of 10 bugs in Flash including the botched zero day CVE-2016-1019.