I've been tasked with updating the Microsoft security patches list to be installed in our computers. I've done a first pass of the KBs and their related bulletins in the Microsoft site and I'm a bit confused by one aspect of it.
Take for example, MS15-057, KB3033890, a WMP critical patch. This patch has been superseded by MS16-027 and two separate KBs are listed, KB3138910 referring to CVE-2016-0101 and KB3138962 referring to CVE-2016-0098. Both of these fix the same VMP vulnerability which was previously fixed by KB3033890.
My question is, do I need to install both of these KBs? There are more of these examples and I'm looking to get some info on the matter. Thanks all!
