Microsoft Thursday released a revamped, more in-depth advance notice on what IT administrators can expect for security patches next week. If nothing changes between now and Tuesday, six security bulletins will be released to address flaws in Windows 2000, XP and Vista; Internet Explorer (IE) 6 and 7; Microsoft Office; Outlook Express and Windows Mail.
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
One "important" update will address flaws in Microsoft Office and Visio communication suite. Though it's not rated critical, Microsoft said this issue could also be used by an attacker to launch malicious code remotely.
One "moderate" update will address an information disclosure flaw in Vista, Microsoft said.
As it does every month, Microsoft will also update its Malicious Software removal tool and hold a Webcast on the June patches on Wednesday. Meanwhile, Microsoft plans to release seven non-security, high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
It remains to be seen if Tuesday's patches will address some zero-day flaws that have surfaced since the May updates.
Earlier this week, vulnerability researcher Michael Zalewski published details of four new zero-day flaws in both Firefox and Internet Explorer (IE) attackers could exploit to log keystrokes, download malware and steal cookies.
And last month, Microsoft confirmed it was looking into reports of a new Office zero-day flaw attackers could exploit to cause a denial of service or run malicious code on targeted Windows machines.
Microsoft recently announced changes to its update process, adding new details about upcoming security updates in its Advance Notification Service, which is issued every Thursday before Patch Tuesday.