Microsoft To Issue 16 Updates For Patch Tuesday Release
monster Patch Tuesday release June 14
Altogether, the updates repair flaws in Windows, Internet Explorer and Office, as well as Microsoft .NET Framework, Microsoft SQL Server, Microsoft Visual Studio and Microsoft Silverlight.
Nine of the 16 bulletins repair vulnerabilities designated with the highest severity ranking of “critical,” allowing remote code execution that enables hackers to exploit security vulnerabilities by launching malicious code remotely onto users’ systems. Of the fixes rated“critical, at least six require a reboot.
In addition, the giant Patch Tuesday update includes seven security bulletins given the slightly less severe ranking of “important,” although one can enable remote code execution. Other bulletins designated as “important” open the door for hackers to launch denial of service attacks, elevation of privileges and unauthorized information disclosure.
Microsoft’s hefty security bulletin release follows on the heels of a relatively light May Patch Tuesday that repaired a total of three flaws in just two updates for Windows and Office PowerPoint.
Security experts have said that it’s not unusual for Microsoft to alternate light patches with heavier ones.
“From the 16 advance bulletins we saw, it is clear that Microsoft is back to its typical practice of being very disruptive on Patch Tuesday,” said Paul Henry, security and forensic analyst for Lumension.”This will be a long hot summer for IT professionals and there is just no room to slow down.”
The giant patch follows after a spate of high-profile data breaches, including attacks against Sony, PBS and Google, several of which have exploited common vulnerabilities with easy to execute SQL injection attacks. The rash of data breaches could potentially be a driving force in the heavy patch, Henry said.
“This disruption comes in the wake of several high profile security breaches over the past month,” Henry said. “Board of Director members are becoming more aware because of recent data breaches, and pressures are applied to IT security pros this summer,” Henry said. “On top of the expected vulnerabilities that need to be patched, we now have additional, often unsuspected, breaches to pick up the pieces from.”
The Microsoft security bulletins will be available Tuesday via the Microsoft Download Center, found by doing a keyword search for “security update.”