It’s a relatively light month for security updates, but Office 2010 and 2013 both get a slew of nonsecurity fixes.
June’s Patch Tuesday release was also bulked up with a bunch of reissued security updates for Office 2010 and some patches that prepare Win7 and Win8 machines for Windows 10.
Regularly scheduled browser update review
The days immediately following Patch Tuesday (the second Tuesday of the month) are always a good time to ensure that all installed browsers are up to date. Even Opera (site) received a recent update. It’s also a good time to review your browser’s add-ons and extensions — some may no longer work after a browser update, others could need updating themselves, and those you no longer use should be removed.
As noted in a Windows Blog post, Microsoft has added HTTP Strict Transport Security (HSTS; more info) to IE 11 on Windows 8.1 and 7. June’s cumulative IE update, KB 3058515, among other things, adds support for HSTS to IE clients. But actually implementing this security feature will be up to individual site developers.
Rated critical, KB 3058515 patches over 20 IE vulnerabilities. It also includes seven nonsecurity fixes — among them, one that improves HTML table display speed and another that solves an issue with slow or crashing Web apps.
Of the other browsers, Firefox is now up to Version 38.0.5 (more info); Chrome is on Version 43.0.2357.124, as noted on a Chrome release post. (Along with security updates, Mozilla is apparently very busy adding new features to Firefox.)
IE isn’t the only app to get a heavy load of security fixes. According to Adobe’s June 9 security bulletin, Flash Player 126.96.36.199 addresses 13 vulnerabilities, some of which have already been used in ransomware attacks. (In my recent “Ransomware” session at last month’s MVP Virtual Conference, I discussed about how Flash is used for ransomware attacks.)