If you plan on enjoying a Father’s Day of BBQ and relaxation, you better start patching your Microsoft networks now. Otherwise, you may not have time to install 16 bulletins worth of patches by this weekend.
Microsoft has posted their June Patch Day summary, which contains 16 security bulletins, nine of which they rate as Critical. The bulletins fix around 34 vulnerabilities in many Microsoft products, including:
- Internet Explorer (IE)
- Windows (and components that ship with it)
- SQL Server
- .NET Framework
- Visual Studio
- Forefront Threat Management Gateway
With so many Critical updates, it’s hard to say which to install first. In general, I recommend you follow the priority recommended in Microsoft’s summary bulletin. That said, lately attackers have focused on leveraging web and browser-based vulnerabilities to install malware via “Drive-by Downloads.” So you may want to install the Critical IE updates before the others.
We’ll post more detailed alerts about these flaws, and how to fix them, shortly. — Corey Nachreiner, CISSP