Critical vulnerabilites: IE patched; Flash unpatched
For you:
Microsoft’s latest patch (May 10, 2016) addresses a vulnerability in IE 9, 10 and 11 that has been exploited by specially crafted websites. Flash vulnerability remains. http://arstechnica.com/security/2016/05/beware-of-in-the-wild-0day-attacks-exploiting-windows-and-flash/ We recommend, at the least, that you only allow Flash to load after user acknowledgement.