Loading...
Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Microsoft Advance Notification for July 2013 – BOOM!

While you were stuffing your face with hotdogs and potatosalad and then watching fireworks go BOOM, Microsoft was preparing a PatchTuesday bulletin that will make just as big of a BOOM. You might think that seven bulletins is nobig deal, and normally you would be right, there have been months with manymany more bulletins than seven but what if six of those bulletins are listed ascritical? BOOM! That makes 22 critical bulletins so far this year; remember therewere only 34 in all of last year.

That's right; six critical remote code execution bugs willbe patched next week when Microsoft issues the patches for the month of July.BOOM! Five of the six occur in Windows itself, one impacts Silverlight, onealso impacts Internet Explorer 6 thru 10 and another one for Microsoft office. The Silverlight patch will probably be forCVE-2013-3660, discovered by Google back in May, which is a publicly knownissue in the Kernel-Mode Drivers component of Windows.

What about the seventh bulletin? It is not rated critical,it is only listed as Important, but it is an Information Disclosure issue in…WindowsDefender. Security Software with its own security issues, while not unheard, isamazingly ironic. BOOM!

Fireworks

Recent SpiderLabs Blog Posts