On Tuesday, Microsoft issued patches to address 53 vulnerabilities, to include 20 critical fixes, as part of November security updates. Also noteworthy was four of the fixes addressed vulnerabilities with known public exploits (CVE-2017-11848, CVE-2017-11827, CVE-2017-11883 and CVE-2017-8700).
Also, 25 of the fixes addressed remote execution (RCE) bugs and even one fix addressed a 17 year old arbitrary code execution bug in MS Office Suite. None of the Windows OS patches address critical vulnerabilities.
Qualys further recommended system admins to focus on patches that Microsoft says are more likely to exploit (via phishing attacks or viewing malicious sites): CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11871, and CVE-2017-11873, that all address the Scripting Engine in Edge and Internet Explorer.
Special attention on laptops and desktops, where users may have logged in with administrative privileges.