Microsoft To Issue 7 Patches This Month

Redmond projects a rollout of seven fixes, with three rated critical, three important and one moderate.

Redmond projects a rollout of seven fixes for its June patch release, with three rated critical, three important and -- in a rare twist, considering previous months' rollouts -- one moderate.

A good deal of the bulletins relate to potential remote code execution (RCE) exploits, a recurring theme for Microsoft applications and services for years now. In fact, all of the critical items slated for this month's Patch Tuesday plug holes vulnerable to RCE exploits in Windows programs interacting with wireless protocol using voice and data for Bluetooth, Internet Explorer and Microsoft DirectX.

Meanwhile, the important fixes represent a mix of security preparedness considerations as they're designed to block elevation of privilege and denial-of-service attacks in Windows Internet Name Service, Active Directory and Pragmatic General Multicast, a transport protocol in Windows programs used for file transfer and streaming media.

The lone moderate patch pertains to the kill bit function in Windows programs, a method by which a user can shut of an ActiveX control in Internet Explorer.

Critical Items
The first critical item dealing with Bluetooth and how it interoperates with Windows components and applications affects XP SP2 and SP3 and Vista SP1.

Next is the critical patch for IE, which will likely be the one critical item to watch closely as it affects every release from IE 5.01 through IE 7 and cuts a wide swath across operating systems. This patch will touch Windows 2000 SP4, XP SP2 and SP3, Windows Server 2003 SP1 and SP2, Vista SP1, and all versions of Windows Server 2008.

The final critical patch deals with different versions of DirectX, a group of application programming interfaces mostly used by developers of games, streaming audio, interactive video and other graphics features on Microsoft platforms. It affects Windows 2000 SP4, XP SP2 and SP3, Vista SP1, and Windows Server 2003 and 2008.

All the critical items have RCE implications.

Important Bulletins
The leading important patch this month involves Windows Internet Name Service, a data cluster for names and network addresses that acts as the central mapping function for the network. This patch would prevent a hacker incursion that could result in someone elevating administrative and read, write and edit privileges in a given system. It affects all editions of Windows Server 2003.

The second important patch touches Active Directory settings in XP, Windows Server 2003 and the 32- and 64-bit versions of Windows Server 2008. AD is a critical feature where Windows settings are configured for end users and super-users, and serves as a sort of a system setup schematic. The patch would prevent a hack that would leave enterprise users locked out of the system via denial-of-service exploits.

The third and final important patch is something IT security pros rarely have to deal with but that network admin folks might see more often: the file transfer and streaming media transmission protocol called Pragmatic General Multicast. This fix would also prevent denial-of-service exploits from seeping through. It affects XP, Vista, Windows Server 2003 and Windows Server 2008.

The Moderate Kill Bit Patch
Typically, when a security vulnerability involves an ActiveX control, a patch delivers a new control and sets the "kill bit" on the vulnerable control. This patch is, in effect, a patch for the kill bit function itself. It touches Windows 2000 SP4, XP, Vista, and Windows Server versions 2003 and 2008.

All seven patches will require a restart or reboot of some kind.

And, once again, Microsoft is referring IT pros and Windows Enterprise professionals to this Knowledge Base article for a description of non-security and high-priority updates on Microsoft Update, Windows Update and Windows Server Update Services. The support page is a crowded but comprehensive list of changes in content and deployment of updates. Some of this month's items include updates for IE 7 dynamic installer and updates for XP, Vista, and Windows Server versions 2003 and 2008.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • How To Configure Windows 10 for Intel Optane Memory

    Intel's Optane memory technology can significantly improve the performance of your Windows 10 system -- provided you enable it correctly. A single mistake can render the system unbootable. Here's how to do it the right way.

  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

  • How To Automate Tasks in Azure SQL Database

    Knowing how to automate tasks in the cloud will make you a more productive DBA. Here are the key concepts to understand about cloud scripting and a rundown of the best tools for automating code in Azure.

comments powered by Disqus