Microsoft to issue seven patches
- By Jabulani Leffall
- Jun 06, 2008
a rollout of seven fixes for its June
patch release, with three rated critical, three important and -- in
a rare twist, considering previous months' rollouts -- one
A good deal of the bulletins relate to potential remote code
execution (RCE) exploits, a recurring theme for Microsoft
applications and services for years now. In fact, all of the
critical items slated for this month's Patch Tuesday plug holes
vulnerable to RCE exploits in Windows programs interacting with
wireless protocol using voice and data for Bluetooth, Internet
Explorer and Microsoft DirectX.
Meanwhile, the important fixes represent a mix of security
preparedness considerations as they're designed to block elevation
of privilege and denial-of-service attacks in Windows Internet Name
Service, Active Directory and Pragmatic General Multicast, a
transport protocol in Windows programs used for file transfer and
The lone moderate patch pertains to the kill bit function in
Windows programs, a method by which a user can shut of an ActiveX
control in Internet Explorer.
The first critical item dealing with Bluetooth and how it
interoperates with Windows components and applications affects XP
SP2 and SP3 and Vista SP1.
Next is the critical patch for IE, which will likely be the one
critical item to watch closely as it affects every release from IE
5.01 through IE 7 and cuts a wide swath across operating systems.
This patch will touch Windows 2000 SP4, XP SP2 and SP3, Windows
Server 2003 SP1 and SP2, Vista SP1, and all versions of Windows
The final critical patch deals with different versions of
DirectX, a group of application programming interfaces mostly used
by developers of games, streaming audio, interactive video and
other graphics features on Microsoft platforms. It affects Windows
2000 SP4, XP SP2 and SP3, Vista SP1, and Windows Server 2003 and
All the critical items have RCE implications.
The leading important patch this month involves Windows Internet
Name Service, a data cluster for names and network addresses that
acts as the central mapping function for the network. This patch
would prevent a hacker incursion that could result in someone
elevating administrative and read, write and edit privileges in a
given system. It affects all editions of Windows Server 2003.
The second important patch touches Active Directory settings in
XP, Windows Server 2003 and the 32- and 64-bit versions of Windows
Server 2008. AD is a critical feature where Windows settings are
configured for end users and super-users, and serves as a sort of a
system setup schematic. The patch would prevent a hack that would
leave enterprise users locked out of the system via
The third and final important patch is something IT security
pros rarely have to deal with but that network admin folks might
see more often: the file transfer and streaming media transmission
protocol called Pragmatic General Multicast. This fix would also
prevent denial-of-service exploits from seeping through. It affects
XP, Vista, Windows Server 2003 and Windows Server 2008.
The Moderate Kill Bit Patch
Typically, when a security vulnerability involves an ActiveX
control, a patch delivers a new control and sets the "kill bit" on
the vulnerable control. This patch is, in effect, a patch for the
kill bit function itself. It touches Windows 2000 SP4, XP, Vista,
and Windows Server versions 2003 and 2008.
All seven patches will require a restart or reboot of some
And, once again, Microsoft is referring IT pros and WindowsThis article originally published on RedmondMag.com, affilate Web site of GCN.com. RedmondMag.com and GCN.com are 1105 Media Inc. properties.
Enterprise professionals to thisKnowledge Base article for a description of non-security and
high-priority updates on Microsoft Update, Windows Update and
Windows Server Update Services. The support page is a crowded but
comprehensive list of changes in conte and deployment of updates.
Some of this month's items include updates for IE 7 dynamic
installer and updates for XP, Vista, and Windows Server versions
2003 and 2008.