It’s time for Patch Tuesday again! In keeping with its usual schedule, Microsoft has released this month’s batch of security bulletins and patches for Windows and related software. For July, there are nine bulletins, for 15 identified vulnerabilities. Six of the bulletins are for Windows and its components; three of these have a maximum severity rating of Critical, and the other two are rated Important. All supported versions of Windows are affected. (For a breakdown of bulletins by severity and Windows version, please see this month’s preview post.)
There are also four bulletins that affect Microsoft Office, including Office for Mac and InfoPath. One of these is rated Critical; the rest are rated Important. Two of the four also apply to other Microsoft software; the affected packages are SharePoint Server, Groove Server, Visual Basic for Applications, Office Web Apps, and SharePoint Services & Foundation.
Further details, and download links, are in the Security Bulletin Summary for July 2012. Microsoft says that four of the patch installations will definitely require a system restart, and that four of the others may require one, depending on the configuration of your system. There is one, MS12-051, which Microsoft says “does not require a restart”. When I first read this, I was initially impressed. I had begun to doubt that it was possible to construct a patch for Windows software that could not possibly require a re-boot; then, however, I noticed the bulletin title, “Vulnerability in Microsoft Office for Mac”. Ah, well …
As always, I recommend that you update your systems as soon as you conveniently can.
Update Tuesday, 10 July, 0:05 EST
The Internet Storm Center at the SANS Institute has published its usual review bulletin on this month’s Microsoft patches.