Patch Tuesday June 2011: Critical Security Issues in Windows, IE, Office
Microsoft has issued an advanced security bulletin notification for June 2011 Patch Tuesday.
Unlike last month’s only two bulletins, this month Microsoft has issued 16 bulletins, covering a range of security holes in the Windows operating system, .NET Framework, Silverlight, Forefront Threat Management Gateway, Internet Explorer, Microsoft Office, SQL Server and Visual Studio.
Nine of the 16 security bulletins are rated “critical” by Microsoft and almost all of them requires a system restart. The rest seven bulletins are rated “Important.” The 9 critical bulletins are for a remote code execution vulnerability. And out of the 9, two of the critical bulletins will address severe vulnerabilities in the Internet Explorer web browser. This month will include a critical security patch for the latest Internet Explorer 9 web browser.
The following table summarizes the security bulletins for this month in order of severity.
Bulletin ID | Maximum Severity Rating and Vulnerability Impact | Restart Requirement | Affected Software |
Bulletin 1 | Critical Remote Code Execution | Requires restart | Microsoft Windows |
Bulletin 2 | Critical Remote Code Execution | May require restart | Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight |
Bulletin 3 | Critical Remote Code Execution | Requires restart | Microsoft Forefront Threat Management Gateway |
Bulletin 4 | Critical Remote Code Execution | Requires restart | Microsoft Windows |
Bulletin 5 | Critical Remote Code Execution | Requires restart | Microsoft Windows |
Bulletin 6 | Critical Remote Code Execution | Requires restart | Microsoft Windows |
Bulletin 7 | Critical Remote Code Execution | May require restart | Microsoft Windows, Microsoft .NET Framework |
Bulletin 8 | Critical Remote Code Execution | Requires restart | Microsoft Windows, Internet Explorer |
Bulletin 9 | Critical Remote Code Execution | May require restart | Microsoft Windows, Internet Explorer |
Bulletin 10 | Important Information Disclosure | May require restart | Microsoft Windows |
Bulletin 11 | Important Remote Code Execution | May require restart | Microsoft Office |
Bulletin 12 | Important Elevation of Privilege | Requires restart | Microsoft Windows |
Bulletin 13 | Important Denial of Service | Requires restart | Microsoft Windows |
Bulletin 14 | Important Denial of Service | Requires restart | Microsoft Windows |
Bulletin 15 | Important Information Disclosure | May require restart | Microsoft Office, Microsoft SQL Server, Microsoft Visual Studio |
Bulletin 16 | Important Elevation of Privilege | May require restart | Microsoft Windows |
All supported versions of Windows and Internet Explorer are affected by this month’s patches, which are scheduled for release on Tuesday June 14, 2011. Microsoft will as usual host a webcast to address customer questions on the security bulletins on June 15, 2011, at 11:00 AM Pacific Time (US & Canada).