Internet Explorer pegged for critical fix on Tuesday
Microsoft's monthly patch release for July covers six remote-code execution vulnerabilities
IDG News Service - Microsoft's monthly patch release for July will cover seven security issues, six of which could be remotely exploited by an attacker.
The company publishes an advisory in advance of its patch date, which is the second Tuesday of the month, so administrators knows what products will be affected. It does not describe the vulnerabilities, however, until the security fixes are released.
The critical vulnerabilities are in the Windows OS, .NET Framework, Silverlight, Office, Visual Studio, Lync and Internet Explorer (IE). A seventh bulletin, ranked as "important," affects Microsoft's Windows Defender security software.
The most important bulletin addresses IE, wrote Wolfgang Kandek, CTO for Qualys. It affects IE versions six through 10 on Windows XP, Vista, 7, 8, Server 2003, Server 2008 and RT.
Microsoft will also fix a zero-day vulnerability revealed by security researcher Tavis Ormandy, Kandek wrote. The problem concerns a memory management problem that is essentially a zero-day vulnerability after an exploit was added to the Metasploit penetration testing tool, he wrote.
Kandek wrote that the patch day will be a bit of work for desktop and server administrators. "All in all, a normally sized Patch Tuesday, but with a large number of critical issues," he wrote.
The bulletins will be released at 10 a.m. Tuesday PDT.
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Malware and Vulnerabilities White Papers | Webcasts