https://technet.microsoft.com/en-us/library/security/ms15-oct.aspx
Has several patches including MS15-106 ” One memory corruption vulnerability (CVE-2015-6056) has been publicly disclosed.” from the following link:
https://msisac.cisecurity.org/advisories/2015/2015-121.cfm
As far as Microsoft patches go – the ones that patch remote code execution in the vulnerability impact column.
And 4 of the 6 have remote code execution. As a systems person I am always most concerned of MS15-109 as it is a Windows Shell vulnerability.
https://technet.microsoft.com/en-us/security/gg309177.aspx
Notice the critical portion of this link:
{ A vulnerability whose exploitation could allow code execution without user interaction. These scenarios include self-propagating malware (e.g. network worms), or unavoidable common use scenarios where code execution occurs without warnings or prompts. This could mean browsing to a web page or opening email. }
Microsoft recommends that customers apply Critical updates immediately.
I.e. this unpatched vulnerability could create another supervirus like the named ones in the past (Melissa, Code Red and more).
And here are the systems which could be affected:
Win10,Win8,Win7, Winserver2008, Winserver2012, WinRT, WinVista basically all windows systems
Needless to say patch your systems!!!