Microsoft To Patch Three Critical Flaws

Microsoft plans to issue a total of seven security bulletins for its upcoming June 10 Patch Tuesday update release, three of which are considered critical.

Specifically, Microsoft plans to plug critical holes in Internet Explorer, DirectX and Bluetooth. All three of the critical vulnerabilities could potentially enable a remote attacker to execute malicious code that could take complete control of a user's computer or shut down the system entirely.

Microsoft released the news of its fixes through its advanced notification bulletin, which was made public Thursday. However users will have to wait until Tuesday for the company to disclose full details of the security updates.

Both the DirectX and IE updates address flaws that affect Internet Explorer 7, Windows 2000, Windows XP, Windows Vista and Windows Server 2003 and 2008. Meanwhile, the Bluetooth bulletin affects Windows XP and Vista.

In addition to the three critical flaws, Microsoft is releasing three bulletins rated "important" affecting numerous versions of Windows in PGM, Active Directory and WINS. If exploited, the flaws in both PGM and Active Directory could lead to a denial of service attack.

The WINS error could open the door for an unauthorized user to obtain elevated system privileges.

In addition, Microsoft issued a "Kill Bit" bulletin rated "moderate," affecting Windows 2000, Windows XP, Vista, Windows Server 2003 and 2008. The error, if left unpatched, could enable a remote attacker to execute arbitrary code.

Tweet

   

More Security