Microsoft Patch Tuesday for June, 34 vulnerabilities addressed

Microsoft has released a list of bulletins and patches for the upcoming Patch Tuesday. 10 security updates will be distributed next Tuesday, patching a record-tying 34 vulnerabilities.  The update will patch vulnerabilities in Windows, Internet Explorer, Office and SharePoint.

Out of the 10 bulletins, three were labeled as “Critical,” Microsoft's highest severity level, the other seven patches were labeled as “Important,” the next level down from Critical.  The patches will address remote code executions (RCE), elevation of privileges and tampering.

The patches will fix security holes in the following operating systems and software:

  • Windows 2000 SP4
  • Windows XP SP2 & SP3
  • Windows Vista SP2
  • Windows 7
  • Windows Server 2003 SP2
  • Windows Server 2008 SP2
  • Internet Explorer 6, 7 & 8
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2008 Mac
  • Microsoft Office SharePoint Services 3.0 SP1

Check Microsoft's security bulletin website for more affected software.

The patches are expected to roll out on June 8 and will require a restart.

Thanks to Shayla for the news tip

Report a problem with article
Previous Story

Google to hand over European Wi-Fi data to regulators

Next Story

Sprint OTA for HTC EVO will block rooting

51 Comments

Commenting is disabled on this article.

Ah FFS... 39 updates? I have to write a patch summary bulletin at work to distribute to some departments. Writing a report for 39 patches is going to take me all fricking day!!

Chicane-UK said,
Ah FFS... 39 updates? I have to write a patch summary bulletin at work to distribute to some departments. Writing a report for 39 patches is going to take me all fricking day!!

Or, you could just use powershell to write yourself a script to download all of the details, and format it according to your bulliten template.
Then future bulletins could be as simple as running the script.

windows is much better than non-MS fans would have you believe.

Really don't have the time to invest in learning PowerShell in that kind of detail TBH. I suspect it'd take many days of learning to get to be good enough to do something like that!

dotf said,

Or, you could just use powershell to write yourself a script to download all of the details, and format it according to your bulliten template.
Then future bulletins could be as simple as running the script.

windows is much better than non-MS fans would have you believe.

Riggers said,
Another WAT update i see (bulletin 10), whats the betting quite a few 7 users won`t update this one

Why not? I've never had problems with WGA/WAT updates.

Riggers said,
Another WAT update i see (bulletin 10), whats the betting quite a few 7 users won`t update this one

Do you think it could disable the BIOS Mods or Remove Wat?

WV2MJR said,

Do you think it could disable the BIOS Mods or Remove Wat?

BIOS workarounds are unlikely to be disabled as the modification takes place at the BIOS level, and has nothing to do with altering/patching/cracking the OS.

GreyWolf said,

Why not? I've never had problems with WGA/WAT updates.

Neither have i but then again mine is legit (arrived October 19th, bargain price ). Some on the other hand may have not 100% legitimate copies and could fear the worse. Not sure where they come from *rollseyes*

Oh noez! Not restarts! Anything but restarts!!!

/so liek when I tried out that recent release of Fedora it had doozzzeeenns of updates ready for me on DAY ONE and it told me to restart omg linux is so UNSAFE rofflecopter

I keep mine on 24/7 and have it set to do auto updates at 3am. To me when I wake up after a critical update, I simply have to login to the pc again. Can't complain then it doesn't cut into any work or uni time.

Anarkii said,
I simply have to login to the pc again. Can't complain then it doesn't cut into any work or uni time.

If security is not an issue, you can also bypass the logon prompt when you wake up as well. I find it particularly useful for some things that I do on my system which should be written as system services, but run within the user context.

Run Prompt (as administrator) -> control userpasswords2 <enter>
remove check mark beside "users must enter a user name and password to use this system"
select user to auto-login, and enter (and re-enter) your password and you're good to go.
(works in all NT based windows)

Neobond said,
Restarts? Set Automatic updates to run at an ungodly time and then when you wake up, all is good. Simples!

I think it is more to do with their ego, my computer has not restarted for 28 years etc.

I used to leave my computer on 24 hours a day, until I realised turning it off and it saves me about $20/£15 approx month.

With faster Internet you do not need to leave it on downloading any more.

stevember said,

I think it is more to do with their ego, my computer has not restarted for 28 years etc.

I used to leave my computer on 24 hours a day, until I realised turning it off and it saves me about $20/£15 approx month.

With faster Internet you do not need to leave it on downloading any more.

+1. For some one with multiple computers in the house i can attest to leaving them all on for 24hrs does not do good things to the electric bill.

Most security updates seem to correct something about the Remote System of Windows, even though most people don't use it.

I use OS X too, and it's pretty similar when it comes to restarts.

Since the worst and most urgent vulnerabilities usually affect system files (that are often in use), this isn't surprising either.

Northgrove said,
I use OS X too, and it's pretty similar when it comes to restarts.

Since the worst and most urgent vulnerabilities usually affect system files (that are often in use), this isn't surprising either.

But one thing that makes OS X better is that there usually aren't 34 updates.

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34. Other updates that are program-specific almost never require a restart.

But then again Office 08 uses it's own updating program, so it probably will need a restart.

njn007 said,

But one thing that makes OS X better is that there usually aren't 34 updates.

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34. Other updates that are program-specific almost never require a restart.

But then again Office 08 uses it's own updating program, so it probably will need a restart.


Dude do you know what is included in those "3" updates? When 10.6.3 was released it included about 54, yeah you read correctly, 54 SECURITY fixes and thats not counting fixes to applications and such. And 10.6.2 had about 58 "bug" fixes...

njn007 said,

But one thing that makes OS X better is that there usually aren't 34 updates.

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34. Other updates that are program-specific almost never require a restart.

But then again Office 08 uses it's own updating program, so it probably will need a restart.

How does that make OS X better? Okay, the idea of 34 security issues doesn't sound too good, but that's spread out over 11 programs/operating systems, an update is being applied to Windows 2000 SP4, does Apple still release security updates for OS 9? Plus Microsoft is a much bigger target than Apple, so it's no surprise that there are more security exploits.

njn007 said,

But one thing that makes OS X better is that there usually aren't 34 updates.

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34. Other updates that are program-specific almost never require a restart.

But then again Office 08 uses it's own updating program, so it probably will need a restart.

Well that's because Apple is ALOT slower to fix security issues, seems to them a security patch is admitting defeat so they would rather have there systems sitting out there vulnerable then actually patch them.

swanlee said,

Well that's because Apple is ALOT slower to fix security issues, seems to them a security patch is admitting defeat so they would rather have there systems sitting out there vulnerable then actually patch them.

Time for OS X fixes aren't that bad. And besides, OS X users have lots less security holes/issues to worry about than Windows users.

njn007 said,
But one thing that makes OS X better is that there usually aren't 34 updates.

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34. Other updates that are program-specific almost never require a restart.

But then again Office 08 uses it's own updating program, so it probably will need a restart.

Come on - do you even know what the hell you're talking about?

1) Download, install the combo update and there is one reboot after.
2) The 34 update does not translate into 34 reboots - they are 34 fixes, and once all are installed you reboot once.
3) Snow Leopard doesn't need to reboot after installing an Office 2008 update.

How about not lying in future - stick to the facts instead of making up crap.

rawr_boy81 said,

Come on - do you even know what the hell you're talking about?

1) Download, install the combo update and there is one reboot after.
2) The 34 update does not translate into 34 reboots - they are 34 fixes, and once all are installed you reboot once.
3) Snow Leopard doesn't need to reboot after installing an Office 2008 update.

How about not lying in future - stick to the facts instead of making up crap.

Since when did I say 34 reboots were needed? Hmm...he who preaches facts can't even practice it himself.

How do you know Snow Leopard won't need a reboot after the Office 08 update?

njn007 said,

But one thing that makes OS X better is that there usually aren't 34 updates.

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34. Other updates that are program-specific almost never require a restart.

But then again Office 08 uses it's own updating program, so it probably will need a restart.

This is 34 patches for a slew of different programs and operating systems, not for one product. And that's just totally not true about 3 updates for OS X. There have been the combo updates. Every one of those are rollups of previous fixes that were already released.

njn007 said,

But one thing that makes OS X better is that there usually aren't 34 updates.

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34. Other updates that are program-specific almost never require a restart.

But then again Office 08 uses it's own updating program, so it probably will need a restart.

OSX is in no way better. Every time Apple releases an update to iTunes - such as when they were in an arms race to block Palm - you need to reboot the OS. Needing to reboot for OS level files, update running apps, etc. is fine. But to update iTunes, especially when it was to block a 3rd party app I don't use, does not make it better.

njn007 said,
But one thing that makes OS X better is that there usually aren't 34 updates.

Sure you understand that not all of them are released for ths Windows OS right?

njn007 said,
Since when did I say 34 reboots were needed? Hmm...he who preaches facts can't even practice it himself.

You stated the following:

Since version 10.6 (Snow Leopard) launched, there have only been 3 updates (hence 10.6.3). Each required a restart, but 3 is a lot less than 34.

What part of what you said don't you understand - you clearly compared the need to reboot 3 times as being less than 34. The idea of reboot 3 times is stupid given that if you were to reinstall you would use a combo update, and if you installed the 34 updates you again would only do one reboot on Tuesday. Stop trying to duck and dive from the stupid thing you said.

How do you know Snow Leopard won't need a reboot after the Office 08 update?

Because I am running Office 2008 right now and have never needed to reboot. Office 2008 does not integrate into the operating system to the point that part cannot be replaced because a particular file is in use. Again, do you even have the slightest clue on what you're talking about?

njn007 said,

Time for OS X fixes aren't that bad. And besides, OS X users have lots less security holes/issues to worry about than Windows users.

Interesting observation, since many of the security experts have gone on record stating the opposite, and that only the small market share Mac OSX enjoys as to reasons large scale attacks haven't been released...

TechDudeGeorge said,
And no one say that other OS's don't need restarts. When I installed Ubuntu. After updates. It needed a restart.

I use Gentoo Linux and it doesn't require a restart unless kernel but there are ways around that. Blame n00buntu.

ZekeComa said,

I use Gentoo Linux and it doesn't require a restart unless kernel but there are ways around that. Blame n00buntu.

Aww. Even you starry-eyed Linux users have inter-hate for eachother. That's so sadly adorable.

TechDudeGeorge said,
And no one say that other OS's don't need restarts. When I installed Ubuntu. After updates. It needed a restart.

I think only some of the less-popular Linux distros can update their kernel w/o a restart

A restart only takes a minute, how big of a deal can it be (unless of course it's the server)? Besides, I don't get the restart promts, it installs automatically when I shut down the computer.

I concur...they have improved somewhat over the reboots from the past...yet, some files, like say, the kernel are still in memory whenever a patch is issued...hence the need for a reboot. (just an example)

edit: GP007 beat me to it....

So much for trying to do away with all the restarts After Updates in windows 7, come on guys while windows 7 is the best OS to date pull your finger out regarding the restarts

Fubar said,
So much for trying to do away with all the restarts After Updates in windows 7, come on guys while windows 7 is the best OS to date pull your finger out regarding the restarts

The restarts happen because patches (some of them) have to change files that are in use and protected (no write access) when the OS is in use. Either way they've still cut down on the number of restarts needed in Win7 compared to XP and even Vista a bit.

GP007 said,

The restarts happen because patches (some of them) have to change files that are in use and protected (no write access) when the OS is in use. Either way they've still cut down on the number of restarts needed in Win7 compared to XP and even Vista a bit.

+1, I have noticed this recently because I enabled manual update downloading and most of the time it just installs the updates and is ready to go. Even graphics driver updates (the ones you get from WinUpdate) don't ask for a restart.

Fubar said,
So much for trying to do away with all the restarts After Updates in windows 7, come on guys while windows 7 is the best OS to date pull your finger out regarding the restarts

I'd love for you to show me a consumer operating system that doesn't require a restart after installing files that over write system files. Oh and the reason why they don't just over ride it is because if you over write in a live system you can cause instability hence when it restarts it over writes and reboots.

Fubar said,
So much for trying to do away with all the restarts After Updates in windows 7, come on guys while windows 7 is the best OS to date pull your finger out regarding the restarts

Fubar..... sometimes you are such a noob.

rawr_boy81 said,

I'd love for you to show me a consumer operating system that doesn't require a restart after installing files that over write system files.
Linux. It can even update the kernel without restarting, although I don't think that's part of any mainstream distribution.

rawr_boy81 said,

Oh and the reason why they don't just over ride it is because if you over write in a live system you can cause instability hence when it restarts it over writes and reboots.
It's impossible to do on Windows because of architectural differences. On Windows, a file is lost if you delete it. On Linux, if a file is open and you delete it, all programs that have it open can continue to use it, because the actual space the file occupies on disk is not marked as free until all programs close the file.


The biggest problem with updating though, is reloading programs that are using a library. A program already running when you update can end up using a different version than a program loaded after the update. It can also mask security holes if half your programs keep using the old version and you go a week without rebooting. Certain parts of Windows can't be reloaded, because they're always in use. The only way to reload them is by restarting the system.

Another reason for locking executables is that they're part of Windows' disk paging system. Every executable is like a miniature read-only page file.

Now there are ways this could be solved, but Microsoft doesn't have much flexibility when it comes to rewriting Windows, so much remains the same as when it was designed in the 1980s.

hdood said,
Linux. It can even update the kernel without restarting, although I don't think that's part of any mainstream distribution.

And you can do that with Windows - delay restarting until later. The operating system doesn't automatically unload the only kernel out of memory and replace it with the new one - although if you had one of those high availability distribution (non-mainstream desktop operating systems) you could do it.

It's impossible to do on Windows because of architectural differences. On Windows, a file is lost if you delete it. On Linux, if a file is open and you delete it, all programs that have it open can continue to use it, because the actual space the file occupies on disk is not marked as free until all programs close the file.

If you replace a file that is in use it can result in instability; if you're using the GTK library and you update it and there is application using it - the result can be instability. You can either risk or or not take the risk. Yes I have see weird behaviour when Xorg is updated, I didn't restart and I experienced quirky behaviour. Better to force a reboot than have support lines clogged with irate customers.

rawr_boy81 said,

And you can do that with Windows - delay restarting until later.
Like I said, Linux can update without a restart. It still requires programs to reload, but no, it is not the same as delaying a system restart. The two are not really the same.

rawr_boy81 said,
The operating system doesn't automatically unload the only kernel out of memory and replace it with the new one - although if you had one of those high availability distribution (non-mainstream desktop operating systems) you could do it.
I think you're just repeating exactly what I said here. It's possible to update the kernel without restarting, and it's not part of any mainstream distribution.

rawr_boy81 said,
If you replace a file that is in use it can result in instability;
Yes, like I said, version conflicts are possible for a subset of things that are updated. It's not a perfect solution.


The reason it's going to stay this way for the foreseeable future is because no one wants to invest in making breaking architectural changes.

ZekeComa said,
Hehe in Linux you don't need to reboot except on kernel but then again there is a way around that too

yeah and the work around is probably easier than just freaking restarting, every thing is sooo easy in linux /s

chago12 said,

yeah and the work around is probably easier than just freaking restarting, every thing is sooo easy in linux /s

Oh Yeah. Everything is so easy in Linux; and to think that no one cares except the Geeks. What is the world coming to when there are free OS's out there; why are they paying for OS's like the Mac and Windows OS (which are hard to learn), when there is a more simple and easy to use OS like Linux (pick your flavor).

Fubar said,
So much for trying to do away with all the restarts After Updates in windows 7, come on guys while windows 7 is the best OS to date pull your finger out regarding the restarts

The problem is, that you, don't know (or at least that is what it seems like) much about software engineering. And that happens a lot. People who don't know how these system work and function don't get it and start going on about this kinda stuff. To bad

jporter said,

The problem is, that you, don't know (or at least that is what it seems like) much about software engineering. And that happens a lot. People who don't know how these system work and function don't get it and start going on about this kinda stuff. To bad

Or just too bloody damn lazy and rather pay an arm and a leg for a product that isn't even worth the price they sell it for.

hdood said,
Linux. It can even update the kernel without restarting, although I don't think that's part of any mainstream distribution.

It's impossible to do on Windows because of architectural differences. On Windows, a file is lost if you delete it. On Linux, if a file is open and you delete it, all programs that have it open can continue to use it, because the actual space the file occupies on disk is not marked as free until all programs close the file.


The biggest problem with updating though, is reloading programs that are using a library. A program already running when you update can end up using a different version than a program loaded after the update. It can also mask security holes if half your programs keep using the old version and you go a week without rebooting. Certain parts of Windows can't be reloaded, because they're always in use. The only way to reload them is by restarting the system.

Another reason for locking executables is that they're part of Windows' disk paging system. Every executable is like a miniature read-only page file.

Now there are ways this could be solved, but Microsoft doesn't have much flexibility when it comes to rewriting Windows, so much remains the same as when it was designed in the 1980s.

Although I'm sure that was a well-rehearsed little speech, you've got no clue what you're talking about. You can recover damn near any file on Windows if you know what you're doing with DOS.