Microsoft to release 6 security bulletins in June
Microsoft has announced six security bulletins for its June patchday next Tuesday, including four patches to close critical holes: one patch for a vulnerability rated as "important" and another patch for a "moderate" vulnerability. As already announced, Microsoft discloses not only the number of planned updates, but also information on affected products and the severity of the various bugs.
Two critical vulnerabilities affect Windows 2000 to 2003 and may allow arbitrary code execution. The Redmond-based software vendor will also fix critical holes in Internet Explorer and Outlook Express or Windows Mail which could allow attackers to execute injected malicious code. A bug in Visio, which also allows arbitrary code injection, is rated as "important". A "moderate" vulnerability affects Windows Vista and allows attackers to inspect confidential information.
As always, the Malicious Software Removal Tool (MSRT) designed to detect current malware will also be updated on the monthly patchday. In Microsoft’s security blog, the developers also announce that seven high-priority non-security updates will be published on Microsoft Update. However, no detailed information is provided on these updates.
- Microsoft Security Bulletin Advance Notification for June 2007, Microsoft’s security bulletin advance notification for June Patchday
- June 2007 Advance Notification, entry in Microsoft’s security blog