Microsoft will release seven security updates on Tuesday, June 12, three of them rated critical. The normal monthly “Patch Tuesday” Microsoft Security Bulletin follow the emergency update of a fix to close a vulnerability that the Flame espionage malware toolkit uses to leverage unauthorized digital certificates from a Microsoft certificate authority to execute man-in-the-middle attacks. The emergency update immediately revoked the trust of the compromised certificates.
The other four updates are rated important, the second level of severity. The seven updates address a number of vulnerabilities in various Windows OS and Internet Explorer versions, Visual Basic for Applications, Dynamics AX (Microsoft enterprise rights management software) and the .NET Framework. Vulnerabilities are deemed critical if exploitation could allow code execution without user interaction. Exploitation of important vulnerabilities could result in compromise of the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources.