Microsoft has said it will patch a variety of operating system (OS) and software components for Patch Tuesday next week, including Bluetooth and streaming software.
The software firm said it has slated seven sets of security updates to make up its round of monthly patches in June, due out next Tuesday.
Three critical fixes were earmarked for Windows software components, Internet Explorer and its multimedia DirectX and Bluetooth wireless interfaces, which Microsoft's preview said meant a hacker could gain control of vulnerable systems remotely. And affected OS include Windows 2000, XP, Vista and Windows Server 2003 and 2008.
It also said important updates, or those given Microsoft's second most severe security rating after 'critical,' were being readied for Active Directory, the Windows internet name service (WINS) and the pragmatic general multicast (PGM) protocol, used by Windows for streaming media. And these could lead to denial of service, remote code execution or elevation of privilege attacks.
The seventh update, rated 'moderate,' is noteworthy for the fact it is described as a 'kill bit' update for Windows, in order to disable code known to carry a security bug. But it remains to be seen whether this update will address its own code or that of third-party software.
In addition to these security patches, Microsoft said it plans to make a number of high-priority updates available on Windows Update and Windows Server Update Services, Microsoft Update and an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Microsoft Download Centre.
The security updates will replace the pre-patch notice next Tuesday 10 June around 1 pm Eastern time (6pm BST).
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
-
Beat cyber criminals at their own gameWhitepaper A guide to winning the vulnerability race and protection your organization
-
Same cyberthreat, different storyWhitepaper How security, risk, and technology asset management teams collaborate to easily manage vulnerabilities
-
Three steps to transforming security operationsWhitepaper How to be more agile, effective, collaborative, and scalable
-
Should your business start a bug bounty program?In-depth Big tech firms including Google, Apple and Microsoft offer bug bounty programs, but can they benefit smaller businesses too?
-
Accessing the XDR realmWhitepaper A guide for MSPs to unleash modern security
-
Why zero trust strategies failIn-depth Zero Trust is the gold standard for organizations in protecting systems from cyber attacks, but there are many common implementation pitfalls businesses must avoid
-
Sitecore XP RCE flaw is being actively exploited, ACSC warnsNews The vulnerability was fixed last month but hackers are now moving against patching laggards
