Microsoft’s Patch Tuesday for the month of July is almost here and the company is releasing 9 patches that fixes various vulnerabilities in products such as the Windows operating system, Office productivity suite, and Internet Explorer browser.
Patch Tuesday for July 2012 takes place on the 10th of July and features nine patches. Three of the patches are rated “critical” and deal with remote code execution, while the remaining six patches are rated “important” and affect Microsoft Office, Developer Tools, Windows operating system, and various Microsoft Server software. All of the critical patches deal with Windows and Internet Explorer 9. The issue with Office deals with an email being sent to a vulnerable Office system. “As an attacker, I would just need to send an email to someone running a vulnerable Microsoft Office system anywhere in the world, get them to interact with something on that email, and I have control of their machine. The attacker does not need to ‘see’ the system they are targeting. This makes the initial attack easier and a higher-probability. This initial attack vector, in combination with MS Office’s widely deployed installed base, makes this bulletin a very attractive issue for attackers,” states Alex Horan, senior product manager, CORE Security.
