The Hacker News Logo
Subscribe to Newsletter

Microsoft to patch Six critical Remote Code Execution vulnerabilities this Tuesday

Microsoft has announced Patch Tuesday for this July Month, with seven bulletins. Out of that, one is important kernel privilege escalation flaw and six critical Remote Code Execution vulnerabilities.
Patch will address vulnerabilities in Microsoft Windows, .Net Framework, Silverlight and will apply to all versions of Internet Explorer from IE6 on Windows XP to IE10 on Windows 8.

Often targeted by attackers to perform drive-by malware download attacks, remote code execution flaws allow an attacker to crash an application and launch malware payloads often without any sort of notification or interaction form the user.

The Windows 8 maker is also patching a kernel vulnerability disclosed at the beginning of June by Google researcher Tavis Ormandy. The issue is to do with Windows kernel's EPATHOBJ::pprFlattenRec function (CVE-2013-3660) and after Ormandy released the exploit code, Metasploit module was developed to exploit the bug.

The company is planning to release the update on 9 July. As usual, all fixes will be delivered via the integrated Windows Update, so no user interaction is needed.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.