PBI NetWork
Active Member
July's Patch Tuesday to fix six critical Windows, Office, IE security vulnerabilities
Also, Adobe today pushed out security fixes for its Flash and Shockwave media players;
The most recent versions of Flash are available from the Adobe download center:
You can check your stuff here:
_http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html
Adobe Update Download links are then furnished for you...
MSFT STRIKES AGAIN:
Summary: Prepare for a bumpy ride for July's roundup of Patch Tuesday updates, M*crosoft warns, with critical flaws for almost every version of Windows running every bit of hardware.
M*crosoft's monthly release of security updates on deck for Tuesday, commonly known simply as Patch Tuesday, will include six "critical" updates that will require every version of Windows being patched by administrators.
M*crosoft's advanced security bulletin also noted vulnerabilities in Visual Studio, M*crosoft Office, M*crosoft Lync, .NET Framework, and Silverlight. Internet Explorer 6 and above also requires patching on machines running Windows XP through to Windows RT.Read this
_http://technet.microsoft.com/en-us/security/bulletin/ms13-jul/
The unusually high number of "critical" monthly updates in July will see M*crosoft's figure rise to 22, a faster rate than 2012, which ended the calendar year with 34 critical flaws in total.
Bulletin 1 through to 6 all deal with remote code execution, which can give hackers and malware writers access to machines to install malware without user prompts or permission.
A zero-day flaw, spotted by Google researcher Tavis Ormandy, which identified a problem in the kernel of Windows 2000 and above that affects the user privileges of the logged-on user, will also be fixed. He fanned the flames by making the discovery public and calling M*crosoft "often very difficult to work with," and claiming the Redmond, Wash.-based software giant treated security researchers with "great hostility."
Though missed by M*crosoft during June's security update release, Bulletin 4 will fix the kernel flaw.
The remining one bulletin rated as "important" allows hackers to elevate their privileges by exploiting Windows Defender running on Windows 7, or its server counterpart, Windows Server 2008 R2.
Details of the flaws are withheld by M*crosoft until the patches are released to prevent abuse by third parties.
M*crosoft is also expected to issue a number of non-security related fixes to its Surface Pro and Surface RT tablets, in line with previous months.
The security fixes will be released on July 9 through the usual update channels, such as Windows and M*crosoft Update.
_http://krebsonsecurity.com/2013/07/adobe-microsoft-release-critical-updates/
_http://www.zdnet.com/julys-patch-tuesday-to-fix-six-critical-windows-office-ie-security-vulnerabilities-7000017747/?
_http://technet.microsoft.com/en-us/security/bulletin/ms13-jul/
Also, Adobe today pushed out security fixes for its Flash and Shockwave media players;
The most recent versions of Flash are available from the Adobe download center:
You can check your stuff here:
_http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html
Adobe Update Download links are then furnished for you...
MSFT STRIKES AGAIN:
Summary: Prepare for a bumpy ride for July's roundup of Patch Tuesday updates, M*crosoft warns, with critical flaws for almost every version of Windows running every bit of hardware.
M*crosoft's monthly release of security updates on deck for Tuesday, commonly known simply as Patch Tuesday, will include six "critical" updates that will require every version of Windows being patched by administrators.
M*crosoft's advanced security bulletin also noted vulnerabilities in Visual Studio, M*crosoft Office, M*crosoft Lync, .NET Framework, and Silverlight. Internet Explorer 6 and above also requires patching on machines running Windows XP through to Windows RT.Read this
_http://technet.microsoft.com/en-us/security/bulletin/ms13-jul/
The unusually high number of "critical" monthly updates in July will see M*crosoft's figure rise to 22, a faster rate than 2012, which ended the calendar year with 34 critical flaws in total.
Bulletin 1 through to 6 all deal with remote code execution, which can give hackers and malware writers access to machines to install malware without user prompts or permission.
A zero-day flaw, spotted by Google researcher Tavis Ormandy, which identified a problem in the kernel of Windows 2000 and above that affects the user privileges of the logged-on user, will also be fixed. He fanned the flames by making the discovery public and calling M*crosoft "often very difficult to work with," and claiming the Redmond, Wash.-based software giant treated security researchers with "great hostility."
Though missed by M*crosoft during June's security update release, Bulletin 4 will fix the kernel flaw.
The remining one bulletin rated as "important" allows hackers to elevate their privileges by exploiting Windows Defender running on Windows 7, or its server counterpart, Windows Server 2008 R2.
Details of the flaws are withheld by M*crosoft until the patches are released to prevent abuse by third parties.
M*crosoft is also expected to issue a number of non-security related fixes to its Surface Pro and Surface RT tablets, in line with previous months.
The security fixes will be released on July 9 through the usual update channels, such as Windows and M*crosoft Update.
_http://krebsonsecurity.com/2013/07/adobe-microsoft-release-critical-updates/
_http://www.zdnet.com/julys-patch-tuesday-to-fix-six-critical-windows-office-ie-security-vulnerabilities-7000017747/?
_http://technet.microsoft.com/en-us/security/bulletin/ms13-jul/
Last edited:
