News

Heavy Security Patch Coming on Tuesday

June may prove to be a busy month for IT pros, with Microsoft planning to release 10 fixes in its next security patch.

On Tuesday, Redmond expects to deliver six "critical" and three "important" fixes, as well as one "moderate" fix in its monthly patch.

Items slated to be fixed include Windows, Internet Explorer, Word, Excel and the general Microsoft Office suite. All six critical fixes deal with potential remote code execution vulnerabilities. The important fixes are designed to thwart elevation-of-privilege attacks, and the lone moderate patch addresses information disclosure exploits.

Critical Items
The first critical item patches Windows 2000, Windows XP and Windows Server 2008. All supported Windows versions are slated to get patched in the second critical fix.

The third critical bulletin appears to be one of many periodic and cumulative fixes for Microsoft's Internet Explorer browser, covering IE 6, IE 7 and IE 8 across all OSes. Security pros will likely want to focus on this fix, given the rise in browser-based exploits.

Critical fix No. 4 will address Word in the following Microsoft Office suites: Office 2000 Service Pack 3, Office XP SP3, and 2007 Microsoft Office System SP1 and SP2. This wide-ranging fix extends as well to the following applications: Office 2004 and 2006 for Mac; Open XML File Format Converter for Mac; and Microsoft Office Word Viewer and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 file formats.

The fifth critical bulletin will touch on the Excel spreadsheet program. The same Office components apply as described above, and the fix also will cover Office Excel Viewer and Microsoft Office SharePoint Server 2007 SP1 and SP2.

The final critical item is a cumulative Office hotfix. It will address Office 2000, Office 2002, Office 2003 and Office 2007. Microsoft Works 8.5 and 9.0 versions are also covered.

Important and Moderate Items
All of the items deemed important in the June patch have elevation-of-privilege considerations. The first important fix covers every Windows OS version, as does the second important fix.

The third important item will address only Windows 2000, XP and Windows Server 2003, while the fourth important bulletin will only cover Windows XP and Windows 2003. The lone moderate item for this massive June slate is also a Windows OS fix and will only cover Windows XP and Windows 2003.

As usual, Redmond is reminding users interested in nonsecurity updates to visit its monthly knowledgebase article, which lists what Windows users can expect via Windows Update, Microsoft Update and Windows Server Update Services. Those items include a rollup for ActiveX Killbits for Windows, junk e-mail filter and malicious software removal upgrades, plus a cumulative update for Media Center TVPack for Windows Vista.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • How To Remove the Windows 10 Action Center

    Microsoft meant well with Windows 10's Action Center, but the constant pop-up notifications are often more annoying than helpful. Here's how to get rid of them.

  • Google IDs on Azure Active Directory B2B Service Now at 'General Availability'

    Microsoft announced on Wednesday that users of the Google identity and access service can use their personal log-in IDs with the Azure Active Directory B2B service to access resources as "guests."

  • Top 4 Overlooked Features of a Data Backup Strategy

    When it comes to implementing an airtight backup-and-recovery plan, these are the four must-have features that many enterprises nevertheless tend to forget.

  • Microsoft Bolsters Kubernetes with Azure Confidential Computing

    Microsoft on Tuesday announced various developments concerning the use of Kubernetes, an open source container orchestration solution fostered by Google.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.