Microsoft to release seven bulletins next week
Posted on 08 June 2012.
The Microsoft Security Bulletin Advance Notification for June 2012 lists seven bulletins, three of which are rated “critical” and four “important.” The three critical alerts all allow attackers to remotely execute code. With all the recent security news, it’s likely organizations need to roll up their sleeves this month anyway.

Bulletin 1 affects all modern Windows distributions, which means it will affect both business and consumers.

Bulletin 2 is also labeled as critical and affects Internet Explorer 7, 8, and 9. When it comes to remote code execution, browser exploits provide the most bang for buck.

Bulletin 3 is a critical vulnerability that affects Microsoft Windows and the .NET Framework. We've seen several vulnerabilities related to .NET recently. In the past, these types of vulnerabilities exploit systems if a user views a specially crafted webpage using a web browser.

Bulletin 4, which is labeled as important, will likely patch a vulnerability related to how Microsoft Office handles Visual Basic. A victim will likely be compromised if they are duped into opening malicious documents or files.

Bulletin 5 is related to Microsoft Dynamics AX 2012, which is a Microsoft enterprise resource planning software product. Bulletin 5 is labeled as important. The actual usage of this product is uncertain; however, it's safe to assume this vulnerability will not affect a huge number of organizations or consumers. If successfully exploited, this bulletin would result in an escalation of privileges.

Bulletins 6 and 7 are rated important and affect Microsoft operating systems, which could result in an escalation of privileges if successfully compromised. These are the types of bugs which can be exploited at kiosks and other types of multi-user terminals. Bulletin 6 is applicable to all modern Windows operating systems, while Bulletin 7 affects several of the Windows operating systems but not all, which is a bit strange. Both Bulletins 6 and 7 will affect both business and consumers.


Author: Marcus Carey, security researcher at Rapid7.





Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //