On Tuesday, Microsoft pushed out massive security updates for Internet Explorer

Yesterday, Microsoft pushed out seven security updates for Internet Explorer (IE).  The seven security bulletins had a total of 66 vulnerabilities.  Microsoft issued fixes for remote desktop, Lync Server, XML Core Services, Word, TCP protocol and Microsoft Graphics Component.  Microsoft recommends that you apply the patch MS14-o35 for Internet Explorer as soon as possible.

“Six down, six to go. Today is the Microsoft Patch Tuesday for June, and it comes with seven new security bulletins. The good news is that five of the seven are only rated as Important, but one of the two Critical security bulletins—the cumulative update for Internet Explorer—is huge.  In all, the seven security bulletins address a total of 66 specific vulnerabilities. The Cumulative Security Update for Internet Explorer (MS14-035) accounts for 59 of them—a record for a single Microsoft security bulletin.  Microsoft issued fixes for flaws in remote desktop, Lync Server, XML Core Services, Word, the TCP protocol, and the Microsoft Graphics Component that affect a range of products and services including versions of Windows and Office. The impact of a successful exploit ranges from denial of service, to information disclosure, to remote code execution, but the “star” of the show is Internet Explorer. Last month, IE saw a lot of activity, first with the out-of-band patch released on May 1, a point fix released as part of May’s Patch Tuesday, and a vulnerability that was publicly disclosed by the Zero-Day Initiative on May 21,” says Russ Ernst, director of product management for Lumension.  The cumulative update from Microsoft includes a fix for the vulnerability reported to ZDI. Thankfully, none of the vulnerabilities fixed by this update are actively under attack as far as we know. Even the two flaws that are already publicly disclosed are not facing any known active attacks.That said, with 59 separate vulnerabilities in the most widely-used browser, it is an absolute certainty that malware developers will be working diligently to reverse-engineer the patches and craft exploits to target those flaws. It is absolutely imperative that you apply the patch for MS14-035 as soon as possible.  The other Critical security bulletin this month—MS14-036—addresses a couple vulnerabilities in Microsoft Graphics component that could enable remote code execution if successfully exploited. The list of affected applications is extensive, including all versions of Windows and Office.”(PC World)

For more information and to learn how to update your security software, please contact Cohen Electronics at 323-380-5612.  You may visit our website at www.cohenelectronics.com or email us at info@cohenelectronics.com.

internet explorer logo


Contact Info