Microsoft has announced that August's Patch Tuesday will contain nine security bulletins, with some fixes rectifying vulnerabilities that allow attackers to install malware without permission.
The Microsoft Security Advisor outlines 9 fixes
The programs that are affected by the update are Windows, Internet Explorer, Microsoft Office, SQL Server, Microsoft Server, Microsoft Developer Tools and Microsoft Exchange. According to Microsoft's Security Bulletin Advance Notification, five of the patches are rated as "critical". The bulletin will fix the vulnerabilities in the software that runs the risk of an attack from remote code execution. Visit: Security Advisor.
Microsoft has said: “In the most severe case of Microsoft Exchange Server 2007 and Microsoft Exchange Server 2010, it is possible under certain conditions for the vulnerabilities to allow an attacker to take control of the server process that is parsing a specially crafted file.
“An attacker could then install programs; view, change, or delete data; or take any other action that the server process has access to do.”
The four bulletins that are given the "important" rating by Microsoft affect Windows and Office. Three of these fixes also focus on the remote execution problems, while one covers an elevation of privilege.
Bulletin 4 has been noted as the most essential as it cleans a previous patch to an ActiveX component that is included in Windows.
Adobe has also announced a security Quarterly update (Security Advisory APSB12-16) prepared for Patch Tuesday, with fixes described as critical available for Adobe Reader versions 10.1.3 and 9.5.1 and Adobe Acrobat 10.1.3 and 9.5.1.