We’re halfway through the year — and we’re already working on our fiftieth Windows security bulletin.
The June Patch Tuesday leads off with a few security updates plus a bunch of nonsecurity fixes.
MS13-047 (2838727), Adobe Flash
Starting with the usual suspects: IE and Flash
At this point, we can assume that every Patch Tuesday will have security updates for Internet Explorer and Adobe Flash. Rated critical for workstations, MS update KB 2838727 is a cumulative fix for all current versions of IE. There are no known exploits, but it’s anticipated that they will come soon.
The cumulative update also includes some nonsecurity fixes, such as the IE 10 flaw noted in KB 2856741. IE 10 users will also see a Flash update.
All other IE users need to download and install Flash and Air updates released on Tuesday, as detailed in Adobe Security bulletin APSB13-16. If you use Flash, make sure you’re on Version 11.7.700.224 — and watch out for those preclicked offers for additional software and toolbars.
What to do: Install KB 2838727 (MS13-047) and the latest Adobe Flash as soon as possible.
A bit of patching déjà vu for Office 2003
We patched Office 2003 last month — and we’re doing it again. But this time there’s a small twist: you might see this update even if you don’t have Office 2003 installed. It’s not uncommon to have leftover components of older Office versions on a PC. If the component becomes vulnerable, it still needs to be fixed.