Patch/Configuration Management, Vulnerability Management

Patch Tuesday sees 16 fixes

Microsoft's June Patch Tuesday was released Tuesday to address 34 vulnerabilities in 16 bulletins, nine of which are labeled "critical" by the Redmond, Wash.-based computing giant.

The critical bugs can enable an attacker to exploit programs through remotely executing code on computers operating with the vulnerable software.

“There's going to be a lot of heavy lifting for IT administrators this month,” Dave Marcus, director of security research and communications at McAfee Labs, said in a statement. “Not only are there a large number of Microsoft patches, there's also the additional Adobe and Java patches to address as well. Administrators should evaluate and prioritize the most important patches for their organization.”

Qualys CTO Wolfgang Kandek ranked as the highest priority Microsoft bulletins MS11-050, which addresses 11 vulnerabilities in Internet Explorer (IE) versions 6,7, 8 and 9, and MS11-052, which patches VML, a markup language that is used mainly in IE.

"Browser and plug-in vulnerabilities together have been the point of entry for many recent security incidents and are the main infection vector for mass malware, such as Zeus and SpyEye," Kandek said in a statement.

Other high-priority bulletins, according to Kandek, are MS11-042 and MS11-043, which address critical flaws in the SMB and DFS clients on Windows.

"With this Patch Tuesday, we are seeing Internet Explorer 9 affected for the first time," Paul Henry, security and forensic analyst for Lumension, said in a statement. "However, IE9 isn't as much of a concern as IE6, which often seems to be the lowest common denominator in security breaches. It is absolutely imperative that people download a newer version of IE in order to take advantage of the more secure codebase."

Simultaneously, Adobe announced it expects to provide updates on Tuesday for critical bugs embedded in Adobe Reader X (10.0.1) for Windows, Adobe Reader X (10.0.3) for Mac, and Adobe Acrobat X (10.0.3) for Windows and Mac.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.