January Patch Tuesday tackles 50 bugs, with eight rated critical, all as it pushes out its last regular Windows 7 patches. The vulnerability, rated important, was found by the U.S. National Security Agency (NSA) and is not being actively exploited. The fixes are for Windows, Internet Explorer, Office,.Net and a variety of developer tools. All of the critical bugs are remote-code-execution (RCE) bugs, none yet exploited in the wild. The most notable news is still the final public patch release for Windows 7, Server 2008, and Server 2008 R2.
Source: https://threatpost.com/microsoft-patches-crypto-bug/151842/