- Apr 25, 2013
- 5,355
Microsoft is gearing up to issue six bulletins in this month's round of Patch Tuesday updates.
The July updates - which will be issued next Tuesday, 8 July - feature two critical, three important, and one moderate bulletin, making it one of the mildest so far this year.
The bulletins one and two, both rated critical, affect Windows Vista, Windows 7, Windows RT and RT 8.1, and Windows 8 and 8.1. Both will resolve remote code execution vulnerabilities in the Windows operating system, while bulletin one will also address the same type of issue in Internet Explorer.
Windows Server 2003 to 2012 are also affected by bulletin one, with bulletin two affecting only Windows Server 2008-2012.
Bulletins three, four and five are all rated important and deal with elevation of privilege issues.
Bulletin three applies to Windows Vista, Windows 7, Windows 8 and 8.1, Windows RT and RT 8.1, as well as Windows Server 2008 to 2012. Bulletin four addresses vulnerabilities in all current Windows and Windows Server operating systems. Bulletin five, meanwhile, affects Windows 7 to 8, but not RT 8 or 8.1, and Windows Server 2008 to 2012.
Finally, bulletin six, rated moderate, fixes denial-of-service vulnerabilities, but is only applicable to Microsoft Server software.
"All of the vulnerabilities in this month's release were discovered by Microsoft or privately disclosed by security researchers. The good news is that none of these vulnerabilities have been exploited in the wild yet," said Karl Sigler, threat intelligence manager at Trustwave. "Of course, after the bulletin is released the race will be on to develop exploits, so it is still important to install these security updates as soon as possible."
The exact details of the updates will be kept under wraps until next Tuesday.
The July updates - which will be issued next Tuesday, 8 July - feature two critical, three important, and one moderate bulletin, making it one of the mildest so far this year.
The bulletins one and two, both rated critical, affect Windows Vista, Windows 7, Windows RT and RT 8.1, and Windows 8 and 8.1. Both will resolve remote code execution vulnerabilities in the Windows operating system, while bulletin one will also address the same type of issue in Internet Explorer.
Windows Server 2003 to 2012 are also affected by bulletin one, with bulletin two affecting only Windows Server 2008-2012.
Bulletins three, four and five are all rated important and deal with elevation of privilege issues.
Bulletin three applies to Windows Vista, Windows 7, Windows 8 and 8.1, Windows RT and RT 8.1, as well as Windows Server 2008 to 2012. Bulletin four addresses vulnerabilities in all current Windows and Windows Server operating systems. Bulletin five, meanwhile, affects Windows 7 to 8, but not RT 8 or 8.1, and Windows Server 2008 to 2012.
Finally, bulletin six, rated moderate, fixes denial-of-service vulnerabilities, but is only applicable to Microsoft Server software.
"All of the vulnerabilities in this month's release were discovered by Microsoft or privately disclosed by security researchers. The good news is that none of these vulnerabilities have been exploited in the wild yet," said Karl Sigler, threat intelligence manager at Trustwave. "Of course, after the bulletin is released the race will be on to develop exploits, so it is still important to install these security updates as soon as possible."
The exact details of the updates will be kept under wraps until next Tuesday.