11 stories
today

Microsoft Patch Tuesday: 34 Flaws to be Fixed

Microsoft announced today that the company would be issuing 16 security updates to patch 34 vulnerabilities in Windows, Internet Explorer, Office, SQL Server, and other products next week.

As ComputerWorld reports, Microsoft will be issuing 16 security updates to patch 34 various flaws. “It’s the usual mishmash for an even-numbered month. But to some degree, we expected a big month. And they stayed true to form,” said Andrew Storms, Director of Security Operations at nCircle Security.

Only 9 of the 16 updates will be marked ‘critical’, which is the highest threat level in Microsoft’s scoring system. The rest of the updates will be marked ‘important’, which is the second highest level. This month’s Patch Tuesday has the second highest number of bugs compared to April, when Microsoft squashed 64 flaws.

Internet Explorer 9 will feature its first update since the browser debuted in mid-March and the update is marked as ‘critical.’ “So, basically it had a critical bug the day it shipped,” said Andrew Storms.

One of the updates will also fix the “cookiejacking” issue in Internet Explorer, a flaw that could enable hackers to steal cookies from a user’s PC and then use those cookies to log onto password-protected websites.

Windows 7 will be featured in several of the updates. Windows 7 now accounts for 26% of all operating systems in use, according to web metrics company Net Applications.

We are expecting to see updates for Silverlight, .Net, and Visual Studio to fix a few GDI vulnerabilities. “It may be something that Microsoft needs to fix so developers can redistribute updated software. If so, it wouldn’t be surprising, but it would also be disappointing. Microsoft’s had its fair share of GDI vulnerabilities,” Storms speculated.

Expect to see the 16 updates released June 14th around 1PM Eastern Time.

Further reading: ,