The Register: Microsoft has released its July 2012 Patch Tuesday security update, which includes nine bulletins that address 16 vulnerabilities in Windows, Internet Explorer, Visual Basic for Applications and Microsoft Office. Three of those updates are considered "critical."
“The most important patch this month is undoubtedly the XML core services bug," said Andrew Storms, director of security operations for nCircle. "Microsoft issued an advisory for this bug in early June and we've already seen the exploit in a number of exploit toolkits and attacks have been reported in the wild."
Another critical update fixes a remote code execution flaw in Windows, and the third patches several security bugs in Internet Explorer. The Internet Explorer patch was somewhat surprising because Microsoft usually patches its browser every other month and it released an IE patch in June.