July 2014 Patch Tuesday is here and Microsoft has issued six security bulletins affecting all versions of Internet Explorer, as well as versions of Windows. Two of the bulletins are rated Critical and deal with Remote Code Execution, while three are rated Important and deal with elevation of privileges within Windows. The sixth bulletin is rated Moderate and deals with denial of service attacks.
The first bulletin is the most important and is rated Critical. It affects all versions of Internet Explorer from Internet Explorer 6 to 11 and deals with Remote Code Execution. As Qualys states, this patch should be top of your list, since most attacks involve your web browser in some way. The three Important updates deal with elevation of privilege vulnerabilities in all versions of Windows.
Windows 8.1 and Windows RT will receive the two Critical updates as well as three Important updates. The Moderate update deals with Microsoft Service Bus for Windows Server.
“The Service Bus is a newer component of Windows in use in the Windows Azure environment for the development of loosely coupled applications. In our estimate, few companies will have installed that component, and on Azure, Microsoft will take care of the patching for you,” Wolfgang Kandek from Qualys stated.
Patch Tuesday rolls out July 8th, so keep an eye on Windows Update for these security fixes. If you have automatic update enabled, you will be prompted for a rebootFurther reading: Internet Explorer, Patch Tuesday