Are you ready for next Tuesday’s Microsoft Patch Day? It’s coming.
Based on their Advanced Notification page, Microsoft plans to release seven security bulletins at 11am on June 13, and they rate three of the bulletins as Critical. The updates will fix around 28 vulnerabilities in popular products like Windows, Internet Explorer, Office, the .NET Framework, as well as flaws in some lesser known products too.
Next week’s update looks pretty Blasé, in that Microsoft has pretty much released the same number of updates consistently over the last few months. In the past, we seemed to cycle between huge interesting Patch Days followed by light ones. However, over the last few months Microsoft seems stuck on medium. That said, the devil is always in the details. Once we learn more information about the three critical updates, perhaps June’s Patch Day will get more interesting.
One thing I do know is this month’s IE update is rumored to fix a serious drive-by download flaw in the popular browser, which was demoed at this year’s Pwn2Own contest. IE users will definitely want to jump on that update.
In any case, get ready for next Tuesday’s updates. As usual, I recommend you install the Critical updates first, and that you test the updates before deploying them — especially any server related updates. I’ll know more about these bulletins on Tuesday, and will publish alerts about them here. — Corey Nachreiner, CISSP