Microsoft is keeping security administrators on their toes this summer with an August Patch Tuesday featuring nine bulletins including two critical issues with Windows and Internet Explorer.
Bulletin 1 addresses a remote code execution vulnerability affecting all versions of Internet Explorer from IE6 up.
It’s rated “critical” for Windows Vista Service Pack 2 and above, and “moderate” for Windows Server 2003 Service Pack 2 and newer. Given hackers’ fondness for attacking browser flaws, it’s the patch that sysadmins should address first, according to Qualys CTO Wolfgang Kandek.
“An attacker would exploit this vulnerability on your users through a malicious webpage,” he wrote in a blog post.
“These pages can be on sites that are either set up specifically for this purpose, requiring him or her to attract your users to the site or are on sites that are already under control of the attacker with an established user community, such as blogs and forums.”
The second bulletin also addresses a remote code execution flaw but affects Windows 7 and Windows 8, plus the Media Center TV pack for Vista.
“The last time the ‘Media Center TV Pack’ got patched was MS11-015 and MS11-076, one was related to malicious media files, the other insecure library loading, but both of those affected Vista core too,” said Ross Barett, senior manager of security engineering at Rapid7.
“More details about this will be very interesting as they emerge, but this is likely the top patching priority, depending on exploitability.”
Barrett argued Bulletin 4 should also be high on the priority list for administrators. It’s an elevation of privileges vulnerability affecting SQL Server 2008, 2012 and 2014 rated “important” by Microsoft.
“This is probably not critical because it will require some degree of authentication to exploit, but given the potential for that to happen in any number of circumstances, this will no doubt be an important issue for administrators to address,” said Barrett.
The remaining bulletins address “important” vulnerabilities in Windows, Office, Sharepoint and .NET. There are three elevation of privilege flaws, a remote code execution vulnerability and two security bypass issues.