Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Internet Explorer pegged for critical fix on Tuesday

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
mogs Internet Explorer pegged for critical fix on Tuesday
Expert Contributor 5th Jul, 2013 10:52
Ranking: 2265
Posts: 6,266
User Since: 22nd Apr, 2009
System Score: 100%
Location: UK

Microsoft's monthly patch release for July covers six remote-code execution vulnerabilities

By Jeremy Kirk
July 4, 2013 09:52 PM ET

IDG News Service - Microsoft's monthly patch release for July will cover seven security issues, six of which could be remotely exploited by an attacker.

The company publishes an advisory in advance of its patch date, which is the second Tuesday of the month, so administrators knows what products will be affected. It does not describe the vulnerabilities, however, until the security fixes are released.

The critical vulnerabilities are in the Windows OS, .NET Framework, Silverlight, Office, Visual Studio, Lync and Internet Explorer (IE). A seventh bulletin, ranked as "important," affects Microsoft's Windows Defender security software.

The most important bulletin addresses IE, wrote Wolfgang Kandek, CTO for Qualys. It affects IE versions six through 10 on Windows XP, Vista, 7, 8, Server 2003, Server 2008 and RT.

Microsoft will also fix a zero-day vulnerability revealed by security researcher Tavis Ormandy, Kandek wrote. The problem concerns a memory management problem that is essentially a zero-day vulnerability after an exploit was added to the Metasploit penetration testing tool, he wrote.

The company described the vulnerability, CVE-2013-3660, as a "a publicly known issue in the kernel-mode drivers component of Windows."

Kandek wrote that the patch day will be a bit of work for desktop and server administrators. "All in all, a normally sized Patch Tuesday, but with a large number of critical issues," he wrote.

The bulletins will be released at 10 a.m. Tuesday PDT.

http://www.computerworld.com/s/article/9240581/Int...

--

Maurice Joyce RE: Internet Explorer pegged for critical fix on Tuesday
Handling Contributor 5th Jul, 2013 11:11
Score: 11626
Posts: 8,915
User Since: 4th Jan 2009
System Score: N/A
Location: UK
For those who like advanced notifications of Microsoft "Patch Tuesday" the actual in depth bulletin is here:

http://technet.microsoft.com/en-us/security/bullet...

Home users can subscribe to the notifications which gives a truer picture of what MS intend doing.

http://technet.microsoft.com/en-us/security/dd2529...



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability