News

Heavy Security Patch Coming on Tuesday

June may prove to be a busy month for IT pros, with Microsoft planning to release 10 fixes in its next security patch.

On Tuesday, Redmond expects to deliver six "critical" and three "important" fixes, as well as one "moderate" fix in its monthly patch.

Items slated to be fixed include Windows, Internet Explorer, Word, Excel and the general Microsoft Office suite. All six critical fixes deal with potential remote code execution vulnerabilities. The important fixes are designed to thwart elevation-of-privilege attacks, and the lone moderate patch addresses information disclosure exploits.

Critical Items
The first critical item patches Windows 2000, Windows XP and Windows Server 2008. All supported Windows versions are slated to get patched in the second critical fix.

The third critical bulletin appears to be one of many periodic and cumulative fixes for Microsoft's Internet Explorer browser, covering IE 6, IE 7 and IE 8 across all OSes. Security pros will likely want to focus on this fix, given the rise in browser-based exploits.

Critical fix No. 4 will address Word in the following Microsoft Office suites: Office 2000 Service Pack 3, Office XP SP3, and 2007 Microsoft Office System SP1 and SP2. This wide-ranging fix extends as well to the following applications: Office 2004 and 2006 for Mac; Open XML File Format Converter for Mac; and Microsoft Office Word Viewer and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 file formats.

The fifth critical bulletin will touch on the Excel spreadsheet program. The same Office components apply as described above, and the fix also will cover Office Excel Viewer and Microsoft Office SharePoint Server 2007 SP1 and SP2.

The final critical item is a cumulative Office hotfix. It will address Office 2000, Office 2002, Office 2003 and Office 2007. Microsoft Works 8.5 and 9.0 versions are also covered.

Important and Moderate Items
All of the items deemed important in the June patch have elevation-of-privilege considerations. The first important fix covers every Windows OS version, as does the second important fix.

The third important item will address only Windows 2000, XP and Windows Server 2003, while the fourth important bulletin will only cover Windows XP and Windows 2003. The lone moderate item for this massive June slate is also a Windows OS fix and will only cover Windows XP and Windows 2003.

As usual, Redmond is reminding users interested in nonsecurity updates to visit its monthly knowledgebase article, which lists what Windows users can expect via Windows Update, Microsoft Update and Windows Server Update Services. Those items include a rollup for ActiveX Killbits for Windows, junk e-mail filter and malicious software removal upgrades, plus a cumulative update for Media Center TVPack for Windows Vista.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Google To Acquire Cloud Startup Wiz for $32 Billion

    Google has announced a pending agreement to acquire Wiz Inc., a cloud security platform, in an all-cash deal worth $32 billion.

  • FTC Expands Microsoft Antitrust Investigation Under Trump Administration

    The Federal Trade Commission (FTC) is pressing ahead with a broad investigation into Microsoft's business practices, an inquiry that began in the final weeks of the Biden administration.

  • Microsoft to Shut Down Skype Services

    Microsoft will discontinue its Skype telecommunications and video calling services on May 5, 2025, marking the end of the platform's decades-long run.

Most   Popular