Microsoft tries to secure its products in its July updates
Microsoft has distributed its security update for July and the organization has taken a lot of important steps to further secure its products from any outside attacks, targeting especially Internet Explorer, Remote Desktop Protocol (RDP) and .Net Framework. Through the July update, Microsoft has patched up 27 vulnerabilities found across its product range. A total of seven bulletins were released and out of these seven, a few were titled as the most important ones which sensitive computers and IT experts should deploy as soon as possible.
When the seven bulletins were released by Microsoft for patching up the vulnerabilities, three of them were ranked as 'critical'. The critical ones were related to the vulnerabilities found in the Remote Desktop Protocol, Internet Explorer and .Net Framework. These must be immediately put into effect because they target some of the most dangerous of the vulnerabilities found in the products of Microsoft. A batch of another four bulletins was ranked as 'important'. Even though the important ones are ranked below the critical bulletins, yet they both have a ranking of 1 on the exploitability index which means that if the bulletins were not deployed soon exploit code could develop.
The bulletins targeting Internet Explorer were the most critical ones because without them the exploit code could develop making malware attacks possible. All Internet Explorer versions were found vulnerable without these recent updates. The bulletin MS12-037 is the most important one and it fixes up almost 13 security vulnerabilities of Internet Explorer. Security researchers and Microsoft itself is urging the IT users to deploy this bulletin immediately. MS12-037 has the ability to fix CVE-2012-1876 which has been used in a few cyber attacks.
In March, Microsoft issued a warning to call attention to a vulnerability found in Remote Desktop Protocol, stating that it could be used for widespread attacks. Taking steps to address this particular vulnerability found in RDP, Microsoft released the MS12-036 bulletin. Without MS12-036, an attacker could send a sequence of specially designed RDP packets in order to create the execution of remote code. A vulnerable system could be a prey to such an attack. However, since Microsoft does not enable RDP by default in its Windows, a computer that has not enable RDP is protected from such an attack. But for those systems that have enabled RDP, the MS12-036 bulletin must soon be deployed.
Another critical bulletin was targeted at the vulnerability found in .Net Framework and without this bulletin if a person views a virus infected web page that is running on XAML, the remote code could possibly execute.
Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails
» SPAMfighter News - 15-06-2012