One of the critical bulletins is actually an update for the Flash libraries in Internet Explorer 10/11 and Edge, it fixes a total of 23 security flaws in the Adobe Flash Player plug-in. Next is a cumulative security fix for Internet Explorer that squases 13 vulnerabilities, as well as a bulletin for Edge that patches six vulnerabilities. Other critical updates focus on a remote code execution flaw in Windows PFD Library, a remote code execution vulnerability in Windows Journal and several holes in the Microsoft Office suite.
The important bulletins fix remote code execution and other flaws in Windows, plug holes in the way WebDAV validates memory, and offer a fix for an elevation of privilege exploit in the Windows kernel-mode drivers. Additionally, there's also an update for security bugs in the .NET framework, a fix for an elevation of privilege exploit in the Windows remote destop display driver, a patch for a denial of service vulnerability in the Active Directory Federation Services, and a denial of service flaw in the Network Policy Server.
A full overview of the bulletins can be read at NetworkWorld.