Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities

The software giant plans to issue six critical bulletins repairing flaws in Internet Explorer, Word, Excel and Office.

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Microsoft plans to release 10 security bulletins as part of its Patch Tuesday update cycle next week, including critical updates affecting Internet Explorer, Word, Excel and Office.

On Thursday in a June advance notification on Microsoft's TechNet site, the software giant said six of the 10 security bulletins are rated critical.

The Patch Tuesday release will not include a Microsoft security fix addressing a DirectShow vulnerability being actively targeted in the wild. Microsoft said it would release a fix either next month or in an out of band release.

Recent Microsoft updates:
May - Microsoft updates Office to address serious PowerPoint vulnerabilities One of the PowerPoint zero-day flaws was being actively targeted by attackers.

April - Microsoft patches serious Excel zero-day, Windows flaws Microsoft is patching flaws in Excel and WordPad that are reportedly being actively exploited in the wild and could allow an attacker to gain access to sensitive data.

March - Microsoft patches critical Windows kernel flaw: A critical flaw in the Windows graphics rendering component could be exploited by an attacker to gain access to sensitive data and take control of a machine.

"Our security teams are working hard on a security update that addresses this issue to protect customers, but we do not yet have an update that has reached the appropriate level of quality for broad distribution," Christopher Budd, Microsoft security response communications lead said in a statement.

Hackers are targeting a QuickTime handling flaw in DirectShow. The vulnerability enables attackers to create drive-by exploits that target Windows Media Player, which uses DirectShow media-streaming architecture.

Microsoft also plans to release a fix for users of Microsoft Office for Mac, repairing critical PowerPoint flaws patched for other Windows-based versions last month. MS09-017 was the only security bulletin the software giant issued last month. The remote code execution vulnerabilities in Microsoft Office PowerPoint included several memory corruption flaws, legacy file handling errors and an integer overflow error.

Dig deeper on Windows Security: Alerts, Updates and Best Practices

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close