Microsoft fixing six critical vulnerabilities next Patch Tuesday

Microsoft notes in its security bulletin that the patch will plug critical remote code execution holes in Microsoft’s .NET framework, Silverlight, Office, Visual Studio, Lync and Internet Explorer. From the security bulletin it is evident that at least three critical vulnerabilities affect all versions of Windows and all versions of Internet explorer are affected by a vulnerability that is plugged by one of the patches.

The Windows 8 maker is also patching a kernel vulnerability disclosed at the beginning of June by Google researcher Tavis Ormandy. The issue is to do with Windows kernel’s EPATHOBJ::pprFlattenRec function and after Ormandy released the exploit code, Metasploit module was developed to exploit the bug.

The patch set also brings with it a fix classified as important and one that fixes an issue with Windows Defender for Windows 7 and Windows Defender if installed on Windows Server 2008 R2.