Microsoft Patch Tuesday Fixes Six Critical Bugs

Microsoft issues patches for an unusual number of critical vulnerabilities that encompass the companys entire software ecosystem.

10 Hidden Benefits of Windows 8.1 (click image for larger view)
Microsoft has been focusing on
Windows 8 lately
, but there are
numerous versions of Windows in use
and the company cant ignore them. On Tuesday, Microsoft will release an unusually high number of critical patches for almost all of them.
Julys Patch Tuesday
includes fixes for six critical flaws
, all of which involve remote execution bugs that could allow attackers to take control of a users machine. The affected platforms and software includes not only all currently-supported versions of Windows, but also all Internet Explorer versions from IE 6 onward, as well as Office, Lync, Visual Studio, Silverlightand Microsofts .NET framework. If you use any Microsoft product from the last several years, in other words, you probably need at least some of the patches.
Two of the critical exploits require that machines be restarted. Some versions of Windows are more vulnerable than others without a given patch, meaning that some of the updates designated as critical overall are downgraded for specific platforms. Nonetheless, all versions of Windows are afflicted by multiple high-priority exploits.
[ Microsoft is moving more quickly to fix problems. Read
Microsoft Releases First Windows 8.1 Fixes
. ]
Microsoft has also prepared a seventh patch, which it classified as important. It addresses a vulnerability in Windows Defender, the platforms pre-installed security software.
The large batch of critical fixes has raised eyebrows in the security community. In a
blog post
, Paul Ducklin, head of technology at security vendor Sophos, advised businesses to get their operational ducks in a row, adding that the patches are unusually broad. Windows Server Core, for example, is usually excluded from Patch Tuesdays because its stripped-down feature set offers a significantly reduced attack surface area. Its therefore notable that Julys updates include a Windows Server Core 2012 reboot, Ducklin wrote.
Paul Henry, a security and forensic analyst at security tools firm Lumension, similarly told
The Guardian
that this months patches constitute
one of the uglier releases weve seen from Microsoft this year.
Graham Cluley, a senior technology consultant with Sophos, channeled the hacker vernacular to describe the threat,
warning in a blog post
to patch before youre pwned.
IT managers, in short, should be on alert.
The updates are
expected to address a somewhat controversial exploit
reported in June by Google researcher Tavis Ormandy. Ormandy discovered a zero-day vulnerability linked to the kernel for all editions of Windows from Windows 2000 to the present. The Google researcher, who had previously criticized Microsoft as difficult to work with reported the bug privately but waited only a few days before
publishing his findings online
.
Some security professionals have cried foul, arguing that
Ormandys public disclosure was unethical
because it left Microsoft too little time to develop a fix and, in effect, gave malware authors a dangerous head start.
Security firm Secunia
determined that the bug is only semi-urgent
. Still, the firm noted that attackers could use the vulnerability to gain escalated privileges, or to hijack a machine for a denial-of-service attack. Tod Beardsley, a security researcher with Metasploit,
noted in a blog
, however, that this sort of local exploit provides a foundation for more damaging attacks.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Microsoft Patch Tuesday Fixes Six Critical Bugs