In yesterday's Patch Tuesday, Microsoft addressed 36 vulnerabilities in their Windows systems. 7 of them are critical, 27 important, 1 moderate, and one is low in severity. One of the Important vulnerabilities is currently actively used by attackers in combination with a Chrome exploit to take remote control over affected computers. Although Google addressed the flaw last month in Chrome 78.0.3904.87, hackers are still targeting users who didn't update the browser.
The 7 critical vulnerabilities, if unpatched and successfully exploited, lead to remote code execution attacks. Another Important vulnerability patched affected PowerPoint software (Microsoft PowerPoint 2010, 2013, and 2016) and could be exploited to run arbitrary code after convincing the target to open a specially crafted presentation file.
Windows users and system administrators are, as always, advised to apply the newest patches as soon as possible - as a part of basic IT hygiene.