Advance notice of July Microsoft patches – to be released on July 8 at noon

Microsoft has just provided advance notice of the patches that are scheduled to be released on July 8 at 12 (noon cdt). The details as they are currently known are available at – https://technet.microsoft.com/library/security/ms14-jul  There are a total of six patches; two of which are assigned a designation of CRITICAL and three are assigned a designation of IMPORTANT and one MODERATE.   The CRITICAL patches could allow remote code execution if successfully exploited and apply to all current versions of Internet Explorer, and all currently supported versions of Windows desktop and server operating systems.

Bulletin #1 (CRITICAL) is associated with the Internet Explorer patches and Bulletin #2 (also CRITICAL) applies to both workstation and Server Operating Systems.  The critical designation also applies to server operating systems excluding those that have the ‘server core only’ operating system functions installed.

As of this time no additional details are available.   Considering the scope of the July patches, it is likely a patch as soon as possible recommendation will be issued; even for server implementations.

With the exception of updates for Google Chrome and Mozilla Firefox browsers, no other updates have been released since the notification last month.

 

Update July 8 12 noon

Microsoft has recently released the patches for July.  As previously indicated, the patches consist of one two critical updates, three important and one moderate.  Bulletin #1 is associated with the bimonthly patches for all currently supported versions of Internet Explorer. It includes one publicly  reported and twenty-three privately reported vulnerabilities.

Bulletin #2 is associated with a single privately reported vulnerability that could allow remote code execution if the user opened a specially crafted journal file. Bulletin #2 applies to all workstation operating systems and also 32 and 64 bit versions of Windows Server 2008, Server 2008R2, and Server 2012 for which a server core only installation was NOT performed.  For server systems that use the Itanium processor or where a server core only installation was performed, the patch is not applicable.

Additionally, on July 8, an update was released for Adobe Flash for both Internet Explorer 10 and 11. The update is available through Microsoft and also for older versions of Internet Explorer, from the Adobe site. Details are available at – http://helpx.adobe.com/security/products/flash-player/apsb14-17.html

Tags:

Categories: Uncategorized