Patch Tuesday Hikes IE Security
Wednesday, June 10, 2015 @ 02:06 PM gHale
There was a smaller allotment of patches this month from Microsoft, with two critical patches to deal with and six important.
MS15-056 is a critical cumulative update for Internet Explorer addressing 24 CVEs. The issue at hand is attackers could force a remote code execution and gain the same rights as the affected user.
MS15-059, while rated important, impacts all shipping desktop versions of Microsoft Office. This bulletin addresses three vulnerabilities in Office which an attacker can use for remote code execution.
The critical MS15-057 affects Windows Media Player where it can allow full user rights to the attacker when a malicious file plays, but the user will need to also focus n a vulnerability in Adobe Flash. APSB15-11 is the eighth update of Flash Player this year and updates 13 vulnerabilities that span across Windows and Mac desktops.
Microsoft unveiled it will release Windows 10 July 29. For a year, this upgrade will be available for free and will continue for the lifetime of any device you install it on: A PC, tablet, or phone.
Microsoft said they will continually update the OS with new features and security updates without the fanfare of a new OS version number, without the costly endeavor of testing code and holding on to it until a pre-selected release date. In time, this should result in a simpler, safer computing experience, they said.