Microsoft released 10 security bulletins that cover 34 vulnerabilities. 7 bulletins have a critical severity rating, and the other 2 bulletins have an important severity rating.
- Windows is affected by 7 of the bulletins (6 critical and 1 important)
- Internet Explorer is affected by 7 of the bulletins (1 critical and 1 important)
- Office is affected by 1 important bulletin
Also, 2 publicly known issues are scheduled to be addressed next week: an elevation of privilege vulnerability in SharePoint that could lead to cross-site scripting attacks and an information disclosure issue in Internet Explorer.
The security updates for the June 2010 bulletins are available for download at the Microsoft Update web site (http://www.update.microsoft.com). Please note that systems joined to the LSU Active Directory automatically receive the critical security updates when available. Other updates will have to be installed from Microsoft Update.
Remember to close all applications at the end of work day today, as security updates may require a restart of your machine.
REMINDER: It is important for LSU Users to move to supported platforms from Microsoft because after the dates below, those products/service packs will no longer receive security updates.
- Windows XP Service Pack 2 will no longer be supported after July 13, 2010. Many users are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
- Extended support for Windows 2000 will also be retired as of July 13, 2010. After that time, Microsoft will no longer provide security or any other updates for Windows 2000.
- Windows Vista RTM (No Service Pack) will no longer be supported after the April 13, 2010 bulletin release. Service Pack 1 will still be supported until July 12, 2011 but we recommend users update to Service Pack 2 or Windows 7 at this time.
Additional Information / Tools:
- Microsoft Security Bulletin - http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx
- US-CERT Technical Alerts - http://www.us-cert.gov/cas/techalerts/
- Microsoft Baseline Security Analyzer - http://www.microsoft.com/technet/security/tools/mbsa2_1/default.mspx