Tuesday, May 11, 2021

Patch Tuesday to Include Critical IE Update

For its June 2013 Patch Tuesday update, Microsoft has a fairly light release planned—just five security updates. However, one of those is a critical update for Internet Explorer that addresses many vulnerabilities.

InfoSecurity reported, “There are only five security bulletins from Microsoft this month, but with one involving versions of Internet Explorer from 6 to 10, and another involving an actively exploited Office vulnerability, administrators cannot afford to delay implementation. ‘Just because there are only five bulletins this month,’ warns Ziv Mador, director of security research at Trustwave, ‘doesn’t mean we shouldn’t pay attention to them.’ For forward planning, he notes that four of the five will require system restarts – and the fifth might, depending on what else is installed.”

SC Magazine quoted Paul Henry, security and forensic analyst at Lumension, who said, “It’s a record month for Microsoft this month. With just five bulletins, June marks the lowest number of bulletins we’ve seen from Microsoft to date this year, making it a light month for IT administrators.”

PCWorld’s Tony Bradley observed, “The biggest priority for June will be Bulletin 1: a cumulative update for Internet Explorer—addressing 19 of the 23 issues fixed by Microsoft for Patch Tuesday. ‘Bulletin One is downright scary, a remote code execution on IE on all versions of Windows [running from IE 6 through 10 on various platforms],’ says Ken Pickering, development manager of security intelligence for CORE Security. ‘This one would make it easy to remotely gain access to someone’s machine via a malicious webpage.'”

NetworkWorld quoted Ross Barrett of Rapid7, who said, “The next top issue would be the remote code execution in Office. Since this is listed as only ‘important,’ there are likely significant hurdles to exploitation.”

Similar articles

Latest Articles

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...

Dell APEX: Our...

One of the missteps IBM made last century was collapsing their sales model, which was services based, to generate a short-term revenue spike. Up...

Companies that Scaled Technology...

NEW YORK — Companies that “doubled down” on their investment in mostly data-heavy technology during the COVID-19 pandemic have seen their revenue grow five...