Microsoft to fix many critical vulnerabilities on Patch Tuesday
Microsoft has announced that it plans to release 16 security bulletins on Tuesday 14 June. The company rates nine of the bulletins as critical; the remaining seven are considered to be "Important". According to Microsoft, the bulletins will patch a total of 34 vulnerabilities in its products.
In a post on its Security Response Center blog, Microsoft says that these also include issues related to "cookiejacking" – last month Security researcher Rosario Volotta discovered a zero-day hole in all versions of Internet Explorer that allows an attacker to steal cookies from a user's machine and access web sites that the user has previously logged into. Microsoft says that the updates for IE will address one of the known vectors to the cookie folder.
Affected products include Internet Explorer 6, 7, 8 and 9; Windows XP, Vista, Windows 7, Server 2003 and 2008; Office XP, 2003, 2007 and 2010; and Office for Mac 2004, 2008 and 2011. Excel Viewer; Sharepoint Services 3.0; Open XML File Format Converter for Mac; Silverlight 4; Visual Studio 2005, 2008 and 2010; Forefront Threat Management Gateway 2010 Client; SQL Server 2005 and 2008; and InfoPath 2007 and 2010 will also receive updates.
- Microsoft Security Bulletin Advance Notification for June 2011, bulletin from Microsoft.