Microsoft's June Patch Tuesday Comes Light: Here Are The Details

Patch Tuesday has come and gone, with Microsoft releasing its security updates right on schedule.

The security updates for Tuesday, June 9 were quite light, considering the list contains only eight items. Of the eight, only two have been deigned critical by Microsoft — news that will be welcomed by users who have had to battle innumerable updates in the past few months.

The critical updates pertain to Internet Explorer and Windows Media Player. For those using Windows 8.1 or Windows 10, there's additional good news: the critical security patches are only applicable for Windows 7 and earlier versions.

The eight security updates Patch Tuesday brought to the list are as follows:

MS15-056: This is the Cumulative Security Update for Internet Explorer (3058515) and a monthly one. The update will fix the reported 24 vulnerabilities, especially one that could enable remote code execution if the end user viewed a webpage that was "specially crafted." This update will stop the user's browser history from being accessed by a fraudulent site and modify how the memory is handled by the browser.

MS15-057: This update will address the vulnerability in Windows Media Player (KB3033890), which could also enable remote code execution. This update has a critical rating for Windows Vista, Windows 7, Windows Server 2008 R2 and earlier versions.

MS15-059: This patches susceptibility in MS 2010 and MS Office 2013. The update is received automatically by Office 365.

MS15-060: This addresses vulnerability in Microsoft Common Controls that could allow remote code execution. This weakness would enable remote code execution when the user clicks on a link to specifically created content or a specially crafted link, which would then invoke the F12 Developer Tools found in IE.

MS15-061: This update brings fixes for nearly 11 kernel vulnerabilities in Windows. Of the 11, seven vulnerabilities were a part of Google Project Zero.

MS15-062: This update addresses issues in Active Directory Federation Services.

"The vulnerability could allow elevation of privilege if an attacker submits a specially crafted URL to a target site," according to Microsoft.

MS15-064: This update addresses a weakness in the Microsoft Exchange Server, which may lead to elevation of privilege.

Notably, MS15-058 is missing from the list and Microsoft kept 9 numbers for its Patch Tuesday in June.

Patch Tuesday also brought several recommended updates. These will be installed automatically if a user has the option enabled on Windows Update.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics