News

Five critical vulnerabilities expected in August 2012 Patch Tuesday

Moriah Sargent, Contributor

Microsoft plans to issue nine bulletins, including five critical, addressing vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Office and its other products.

The five critical bulletins will patch ten vulnerabilities in Microsoft Windows, Internet Explorer, Exchange, SQL Server, and the Server Software and Developer Tools, according to the

    Requires Free Membership to View

Microsoft Advance Notification issued on Aug. 9.

Bulletins 1-5, the ones given the marker of “critical,” could allow for remote code execution. The first three will require a restart, the fourth may require one, and the fifth does not, Microsoft said.

Microsoft Patch Tuesday

July 2012 Patch Tuesday:The Microsoft XML Core Services vulnerability is being actively targeted by cybercriminals. In addition, Microsoft issued a critical update to Internet Explorer 9.

June 2012 Patch Tuesday: Microsoft’s June Patch Tuesday includes seven bulletins, three critical, affecting Windows, Internet Explorer and Microsoft Dynamics.

May 2012 Patch Tuesday: Microsoft addressed serious flaws in Office, Windows and the .NET Framework in its May 2012 Patch Tuesday, issuing a combined update to repair the font-parsing code related to the Duqu malware.

Specifically, Bulletin 1 addresses an issue with all currently supported versions of Internet Explorer running on Windows. August marks the third consecutive month of patches for Internet Explorer.

Bulletin 2 addresses a vulnerability in Windows XP Service Pack 3, while Bulletin 3 focuses on issues in several different versions of Service Packs on different Windows operating systems. Bulletin 4 addresses issues on the widest range of software, from Microsoft Office to Microsoft SQL Server. Bulletin 5 confronts problems within Microsoft Exchange Server.

In addition to the critical bulletins, Microsoft has marked four bulletins as “important,” affecting Microsoft Office and Microsoft Windows. Of these bulletins, three could allow for remote code execution and may require a restart. One could allow an elevation of privilege and will require a restart.

The bulletins will be released Aug. 14 at approximately 1 p.m. ET.

Last month, Microsoft patched a vulnerability in its XML Core Services, fixed a flaw in its Internet Explorer browser and addressed a vulnerability in Microsoft Data Access Components, among other repairs to a variety of its different programs.