Amid Stuxnet and Flame, A Highly Important Patch Tuesday Approaches


The June edition of Microsoft’s Patch Tuesday lists seven bulletins, three of which are rated “critical” and four of which are rated “important.” All three critical bulletins address vulnerabilities that could allow an attacker to remotely execute code.

The first bulletin is expected to affect both businesses and consumers, and it is expected to be the most critical issue to resolve.

The second bulletin, which is also listed as critical, affects Internet Explorer versions 7, 8 and 9. “I always worry about browser-based attacks because they have the biggest attack surface,” said Marcus Carey, security researcher at Rapid7. “It’s important to make sure that they close all those doors. A lot of people have been asking whether they need to worry about Flame doing a Windows update attack. But that requires a man in the middle which is something that should not affect a mass of people. If Flame is on your local network, you might have to be concerned. But Flame was heavily targeted, so it’s not something for the average person to worry about.”


The third bulletin is a critical vulnerability that affects Microsoft Windows and the .NET Framework. The .NET Framework also figured heavily in the May edition of Patch Tuesday; some of those earlier vulnerabilities could be exploited simply by a user viewing a malicious website.

Labeled as important, the fourth bulletin will likely patch a vulnerability related to how Microsoft Office handles Visual Basic under specific circumstances where a user opens malicious documents or files.

“The first four bulletins are the most important ones that require immediate action,” said Wolfgang Kandek, CTO of Qualys, in an interview with CRN. “It’s also important to act on the updates that resolve the potential abuse of a Microsoft certificate in the signing of the Flame malware. Anyone who hasn’t yet installed this update needs to move on it right away, and then focus on the remaining patches coming out on Tuesday.”

Also listed as important, the fifth bulletin concerns the ERP product Microsoft Dynamics AX 2012. A successful exploit of this vulnerability would result in an elevation of user privileges.

Privilege abuse also factors heavily into the sixth and seventh bulletins, which are also rated important. Both of these patches are designed to close vulnerabilities to malware delivered through kiosks and other types of multi-user terminals.