Microsoft to Fix 28 Vulnerabilities in June Patch Tuesday

Microsoft has been busy of late, what with the scramble surrounding the Flame malware and the forged certificate that the attackers were able to use to spread the malware via a fake Windows Update service. Now, the company is planning to release seven bulletins next Tuesday covering 28 vulnerabilities in its June Patch Tuesday.

Patch TuesdayMicrosoft has been busy of late, what with the scramble surrounding the Flame malware and the forged certificate that the attackers were able to use to spread the malware via a fake Windows Update service. Now, the company is planning to release seven bulletins next Tuesday covering 28 vulnerabilities in its June Patch Tuesday.

Three of the bulletins Microsoft will release are rated critical, and all of the vulnerabilities they cover can lead to remote code execution. The four other bulletins are rated important, and one of those can result in remote code execution. The seven bulletins will fix flaws in Windows, the .NET Framework, Microsoft Dynamics, Internet Explorer and Visual Basic for Applications.

Microsoft also will be rolling out a change to its Windows Update service in the coming days that is designed to harden the infrastructure and prevent the kind of attack that the Flame authors were able to pull off. That change will involve deploying a new certificate that will be the only one trusted by WU clients, and that certificate only will be used to protect WU files.

Here’s the list of the bulletins:

Bulletin ID Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software
Bulletin 1 Critical 
Remote Code Execution
Requires restart Microsoft Windows
Bulletin 2 Critical 
Remote Code Execution
Requires restart Microsoft Windows,
Internet Explorer
Bulletin 3 Critical 
Remote Code Execution
May require restart Microsoft Windows,
Microsoft .NET Framework
Bulletin 4 Important 
Remote Code Execution
May require restart Microsoft Office,
Microsoft Visual Basic for Applications
Bulletin 5 Important 
Elevation of Privilege
May require restart Microsoft Dynamics AX
Bulletin 6 Important 
Elevation of Privilege
Requires restart Microsoft Windows
Bulletin 7 Important 
Elevation of Privilege
Requires restart Microsoft Windows

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.