Advance notice of patches to be released for June – to be released on June 10

Microsoft has just provided advance notice of the patches that are scheduled to be released on June 10 at 12 (noon). The details as they are currently known are available at – https://technet.microsoft.com/library/security/ms14-jun There are a total of seven patches; two of which are assigned a designation of CRITICAL and five are assigned a designation of IMPORTANT. The CRITICAL patches could allow remote code execution if successfully exploited and apply to Windows (both workstation and server OSs), Internet Explorer, Office and Lync.

Bulletin #1 (CRITICAL) is associated with the Internet Explorer patches and Bulletin #2 (also CRITICAL) applies to both workstation and Server Operating Systems. The critical designation also applies to ALL server operating systems even if Server Core Only installations are performed. That would imply the modules being patched are not only applicable to the graphic (or GDI) elements of the Windows environment.

As of this time no additional details are available. Considering the scope of the June patches, it is likely a patch as soon as possible recommendation will be issued; even for server implementations.

Update June 10 12:30 p.m.

Microsoft has just released the patches for June. As previously indicated, there are two critical and five important patches. The patch for Internet Explorer (https://technet.microsoft.com/library/security/ms14-035 ) addresses a total of fifty-nine vulnerabilities, only two of which had been reported publicly. While the remaining fifty-seven vulnerabilities had been privately reported, many of them are likely to have reliable exploit code released within the next 30 days.

Additionally, the second critical patch applies to all current Windows workstation and Server operating systems. It is identified as https://technet.microsoft.com/library/security/ms14-036 . The vulnerability would allow remote code execution if successfully exploited.

It is recommended these patches be applied to all Windows workstation and server systems as soon as possible.

A patch was also issued for Adobe Flash on June 10. Details for the flash update can be obtained from http://helpx.adobe.com/security/products/flash-player/apsb14-16.html . The current version of Flash for Macintosh and Windows workstations prior to windows 8 and Server 2012 is 14.0.0.125. The Flash version for Windows 8, 8.1, RT, RT 8.1 and Server 2012 systems is 25.0. Details for Flash on Windows 8/ Server 2012 systems and later is available from https://technet.microsoft.com/library/security/2755801

Tags:

Categories: Uncategorized