Microsoft’s June Patch Tuesday security update has patched more than two-dozen security vulnerabilities across a number of its products.
The patches were included in seven bulletins, three of which were rated “critical” and touch issues related to Internet Explorer, .NET Framework and the Remote Desktop Protocol (RDP). The other four bulletins are rated “important,” though like the critical ones they have all been given an exploitability index rating of 1, meaning that the development of exploit code is likely.
The MS12-037 bulletin, which contains 13 security fixes for Internet Explorer, is being regarded by Microsoft and some security researchers as one of the most important to deploy immediately. One of the vulnerabilities it fixes, CVE-2012-1875, is already being used in limited attacks in the wild. The bulletin also fixes CVE-2012-1876, which was used by VUPEN Security during the PWN2OWN contest held early this year at CanSecWest.
“This is probably one of the most severe bulletins because exploit code is likely to be created for one or more of these vulnerabilities, which leads to the potential for drive-by malware attacks across all versions of Internet Explorer,” said Marc Maiffret, CTO at BeyondTrust. “This, in our opinion, is one of the more important sets of patches to roll out as soon as possible.”
“This relates to MS12-020, which had organisations on high alert in March after Microsoft issued warnings that the vulnerability could be weaponised to result in widespread attacks,” noted Marcus Carey, security researcher at Rapid7.
“Up to now, MS12-020 has only been exploited as a reliable denial-of-service attack; however, from what I understand, MS12-036 may offer a more reliable attack vector for exploitation. The silver lining is that after MS12-020, many organisations took preventative measures to disable RDP, especially at egress points in their networks. If organisations must run RDP on the Internet, they should test and deploy MS12-020 patches as soon as possible.”
The final critical bulletin dealt with a .NET Framework vulnerability that could permit remote-code execution if a user views a malicious Web page using a browser that can run XAML Browser Applications (XBAPs). The vulnerability could also be used by Windows .NET Framework applications to bypass Code Access Security (CAS) restrictions.
In addition to the bulletins, Microsoft also released an advisory regarding a vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0 and 6.0. According to Microsoft, the issue exists when MSXML attempts to access an object in memory that has not been initialised, which may corrupt memory and ultimately allow an attacker to execute code.
In a blog post, Angela Gunn of Microsoft’s Trustworthy Computing Group said that the investigation into the vulnerability is ongoing. However, the company has released a workaround for anyone who believes they are affected.
Are you a security guru? Try our quiz!
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
New chapter for LastPass as it becomes an independent company to focus on cybersecurity, after…
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…