News

July 2013 Patch Tuesday: Critical fixes, but in a lazy summer sort of way

Robert Richardson, Editorial Director

Microsoft's July 2013 Patch Tuesday release meant updating a wide variety of products, with the Redmond giant rating six of the seven patches "critical." Three of the patches fix instances in various products of a remote execution vulnerability linked to how Windows parses TrueType

    Requires Free Membership to View

fonts.

Across all seven bulletins, an unusually wide variety of Microsoft's products are affected, including all Internet Explorer versions, all versions of the Windows OS, and multiple versions of Microsoft Office. Paul Ducklin, writing on the NakedSecurity blog, said the range of affected systems means that before applying the patches "it would be wise to make sure that you have all your operational ducks in a row."

In a blog entry, Qualys' Chief Technology Officer Wolfgang Kandek recommended organizations "start the patching process with MS13-053, a bulletin for Windows that applies to all versions of the OS." This is important, Kandek said, at least in part because of the font issue, of which he said, "The most likely attack vector is through end users browsing a malicious webpage or opening an infected document, which results in remote code execution that gives control of the affected machine to the attacker."

Adobe also released Tuesday patches: three bulletins for its Flash Player, Shockwave and ColdFusion products.

And, if it feels like July only just arrived and the patch is landing early, that's because it is. The NakedSecurity blog noted that "it's almost as early as it can be, since July started on a Monday."


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: