Microsoft to Fix 34 Vulnerabilities in Windows, Office and IE

Microsoft plans to plug no less than 34 security holes in Windows, office and Internet Explorer come June 8th, 2010. The move is part of the company’s monthly patch cycle scheduled for release on patch-Tuesday, the second Tuesday of every month. There will be a total of 10 security bulletins as a part of the June update release, three of which carry the maximum severity rating of Critical, meaning that they are designed to patch vulnerabilities, which, in the eventuality of a successful exploit could allow attackers to perform remote code execution on a vulnerable system.

“Six of the bulletins affect Windows; of those, two carry a Critical severity rating and four are rated Important. Two bulletins, both with a severity rating of Important, affect Microsoft Office. One bulletin, again with a severity rating of Important, affects both Windows and Office. One bulletin, with a severity rating of Critical, affects Internet Explorer,” revealed Jerry Bryant, group manager, Response Communications.

According to information offered by Microsoft, Windows 7 users will need to deploy no less than seven security bulletins, three of which critical, if the IE patches are also taken into consideration. However, the Redmond will not be providing any patches for Office 2010. Released to manufacturing in April 2010, Office 2010 is not affected by any of the vulnerabilities resolved with the June security bulletin release, otherwise, the software giant would have also released updates for Office 2007’s successor.

“As ever, we recommend that customers prepare for the testing and deployment of these bulletins as soon as possible. We will also be acting on two Security Advisories this month. We are closing Security Advisory 983438 (Vulnerability in Microsoft SharePoint Could Allow Elevation of Privilege) with the June bulletins. We are also addressing Security Advisory 980088 (Vulnerability in Internet Explorer Could Allow Information Disclosure),” Bryant added.