Internet Explorer pegged for critical fix on Tuesday
Microsoft's monthly patch release for July covers six remote-code execution vulnerabilities
IDG News Service - Microsoft's monthly patch release for July will cover seven security issues, six of which could be remotely exploited by an attacker.
The company publishes an advisory in advance of its patch date, which is the second Tuesday of the month, so administrators knows what products will be affected. It does not describe the vulnerabilities, however, until the security fixes are released.
The critical vulnerabilities are in the Windows OS, .NET Framework, Silverlight, Office, Visual Studio, Lync and Internet Explorer (IE). A seventh bulletin, ranked as "important," affects Microsoft's Windows Defender security software.
The most important bulletin addresses IE, wrote Wolfgang Kandek, CTO for Qualys. It affects IE versions six through 10 on Windows XP, Vista, 7, 8, Server 2003, Server 2008 and RT.
Microsoft will also fix a zero-day vulnerability revealed by security researcher Tavis Ormandy, Kandek wrote. The problem concerns a memory management problem that is essentially a zero-day vulnerability after an exploit was added to the Metasploit penetration testing tool, he wrote.
Kandek wrote that the patch day will be a bit of work for desktop and server administrators. "All in all, a normally sized Patch Tuesday, but with a large number of critical issues," he wrote.
The bulletins will be released at 10 a.m. Tuesday PDT.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
- Review: Box beats Dropbox - and all the rest - for business Box trumps Dropbox, Engyte, Citrix ShareFile, EMC Syncplicity, and OwnCloud with rich mix of file sync, file sharing, user management, deep reporting and...
- Analyst Report-Mixed All Flash Arrays Delivers Safer Higher Performance What is the impact of an all-flash array with enterprise features and reliability on the mainstream data center? In the mainstream environment, storage...
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All Malware and Vulnerabilities White Papers |