Microsoft Patch Tuesday Brings Eight Critical Vulnerabilities

Microsoft alerted us this time about 12 vulnerabilities of which eight were rated critical, three important and one moderate.

Here comes another cumulative security update for Internet Explorer that resolves several newly discovered, publicly and privately reported vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

A remote code execution vulnerability exists in Microsoft JScript that could allow an attacker to take complete control of an affected system. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Users are recommended to update as soon as possible.

If you want more information about these Security Bulletins do check out the TechNet Webcast that will present a brief overview of the technical details of the June security bulletins followed by an extensive Q&A session that will give you the opportunity to ask questions and get answers from Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation.