Microsoft will be releasing 9 major updates this week that will patch major bugs and vulnerabilities in Windows, Internet Explorer, Office, Exchange, SQL Server and Windows Server. Of these 9 updates, 5 are labeled “Critical,” which is the most serious rating Microsoft uses.
Two of the updates are unique in that they affect critical business systems: Exchange and SQL Server. Microsoft Exchange is used for email services by many businesses, and Microsoft SQL Server is a database server that powers many different applications, from websites to financials to reporting.
Because these services are so critical to many businesses, patches for these two programs typically don’t arrive at the same time and are few and far between. For example, the last time Exchange was patched was nearly two years ago in December 2010. IT administrators should proceed with extra caution when applying these updates in order to avoid unexpected downtime.
Other critical updates to be released include Internet Explorer versions 6-9, which is its 3rd in as many months, and Office versions 2003, 2007 and 2010. Eight of the 9 updates patch Remote Code Execution vulnerabilities. The remaining update patches an Elevation of Privilege vulnerability.
Remote Code Execution describes a type of vulnerability that allows an attacker to execute any code they wish on a targeted computer. It is considered the worst effect a bug or vulnerability can have, as it has the potential to allow the attacker full control of the targeted system.
Elevation of Privilege vulnerabilities allow the attacker to gain higher-level access to resources typically not available to a normal user. This results in the attacker being able to execute commands normally not authorized by a system’s administrator.
These 9 updates are expected to be released on August 14th at 1PM Eastern.
If you’re not sure if you’re affected by these updates or you’re not sure how to apply them, Minneapolis-based OAC Technology can help. For more than 10 years, we’ve been helping businesses with Server Support, ensuring that their systems are up-to-date and secure. Give us a call at 952-548-5558 and we would be happy to sit down with you for no charge and assess your business’s needs.