News

Microsoft Prepping 9 Fixes for July's Patch

Microsoft is readying three "critical" bulletins and six "important" items for this month's security update, according to the Microsoft Security Bulletin Advance Notification

According to the bulletin listing, two of the three critical items will deal with Window flaws, while the third will address issues in both Windows and Internet Explorer. All three address remote code execution flaws.

Speaking on today's advanced bulletin announcement, Wolfgang Kandek, CTO of Qualys, Inc., discussed in a blog post why these three bulletins should be given top priority once the patch is released on Tuesday:

"Bulletin 1, rated 'critical,' affects all versions of Windows, and we expect it to address the XML vulnerability disclosed by Microsoft in June's Patch Tuesday as KB2719615," said Kandek. "This bulletin will be the highest priority for users, at least for those who did not apply Microsoft's FixIt supplied in the advisory. Bulletin 2 is for Internet Explorer (IE), and is a bit of a surprise as it breaks the usual cycle of supplying an update for IE every two months. The bulletin only applies to IE9 and is thus limited to Vista and above. Bulletin 3 is 'critical' for all desktop operating systems, XP, Vista and WIndows 7; for all others it is rated only 'moderate.'"

As for the remaining six bulletin items, they will fix a sordid collection of problems in Windows, Office, Microsoft Developer Tools and Microsoft Server Software.     

Along with the nine-bulletin patch release, Microsoft will also be releasing an update for its Windows Malicious Software Removal Tool. However, specific information on this and the bulletin items is not provided to limit the exploitation rate of these issues before Tuesday's release.

Also noteworthy for this month is the new release of Microsoft's Windows Update Agent, which helps to govern installation of monthly security updates and out-of-band fixes. The new version aims to fix the hole that allowed the creators of the Flame malware to certify the worm as authentic Microsoft software.

While the update has been available since mid-June, this will be the first time it will be used for a Monthly rollout. The Windows Update Agent fix can be downloaded here.

Look for more information on July's Security Update once released this Tuesday around 10 a.m. PST.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft Ups Its Windows 10 App Compatibility Assurances

    Microsoft gave assurances this week that organizations adopting Windows 10 likely won't face application compatibility issues.

  • SharePoint Online Users To Get 'Modern' UI Push in April

    Microsoft plans to alter some of the tenant-level blocking capabilities that may have been set up by organizations and deliver its so-called "modern" user interface (UI) to Lists and Libraries for SharePoint Online users, starting in April.

  • How To Use PowerShell Splatting

    Despite its weird name, splatting can be a really handy technique if you create a lot of PowerShell scripts.

  • New Microsoft Customer Agreement for Buying Azure Services To Start in March

    Microsoft will have a new approach for organizations buying Azure services called the "Microsoft Customer Agreement," which will be available for some customers starting as early as this March.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.