This security update resolves several vulnerabilities in several versions of Internet Explorer installed on various Windows operating systems. The vulnerabilities could allow remote code execution if exploited successfully by an attacker. In addition, CVE-2015-2372 is a vulnerability in the VBScript engine that also affects the Internet Explorer is also covered in this update as well as in MS15-066 bulletin.
Malicious attacks have consistently been launched on weak points in the supply chain. Like all attacks, these will evolve into more advanced forms. Software development, with multiple phases that could be placed at risk, is particularly vulnerable.