We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

July to be bumper patch month

Microsoft pumps out seven updates

Holes in Microsoft's Office software will force the company to release seven software patches next week.

Four of the updates will fix bugs in Windows while another three will address flaws in Microsoft Office, Microsoft said yesterday in a bulletin on its website. Both sets of patches will address critical flaws, which attackers could exploit to run unauthorised code on a PC without any user action.

The patches will be released on 11 July as part of Microsoft's regularly scheduled monthly security updates. Microsoft's advance note on the updates can be found here.

The software will probably fix a number of publicly reported vulnerabilities in Office, some of which concern Excel, said Gunter Ollmann, director of Internet Security Systems' X-Force threat analysis service.

Last month, Microsoft confirmed that it was investigating three issues that relate to Office, following reports that hackers had launched a targeted attack, against an unnamed government contractor, that took advantage of a bug in its Excel spreadsheet software.

Two of the bugs could be used to compromise a PC, but they would first require user action such as opening a malicious document and clicking on hyperlinks. The third appears to be less critical, but it could be used to run an unauthorised ActiveX control, Microsoft said.

Yesterday another bug was added to the mix, with security vendor Secunia warning of a flaw affecting Asian language versions of Excel. As with the other bugs, victims would need to be tricked into doing a little work before compromising their systems, but if this were to happen, attackers could run their malicious software on the PC, Secunia said.

More details on this latest flaw can be found here.

The seven patches may keep system administrators busy next week, but not as busy as they were in June. Last month Microsoft released 12 security updates.


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Why Apple shouldn't be blamed for exploitation in China and Indonesia