Microsoft issued nine security bulletins as part of August’s Patch Tuesday. Five are rated critical and four rated important. Altogether, the bulletins address 26 vulnerabilities in Microsoft Windows , Internet Explorer, Exchange Server, SQL Server, Server Software, Developer Tools, and Office.
An MSCOMCTL-related bug is at the top of the Microsoft list. Microsoft previously patched the Windows Common Control bug with bulletin MS12-027 in April. That,affects a huge number of applications including some very serious back office core systems, like SQL servers and commerce servers.
If you can’t get this patch rolled out quickly, you should remind users about the dangers of opening attachments from unknown persons.
August marks the third month in a row with a new Internet Explorer patch. That demonstrates Microsoft is leveraging its recently announced initiative to release IE patches more frequently. Expect a lot more IE patches.
Meanwhile, MS12-054 contains a sprint spooler bug with a potentially wormable condition.This is something that predominately affects small business and campus locations where Windows computers are configured in workgroups,
Microsoft listed MS12-060 as the most critical issue this month. They mention it is seeing limited targeted attacks and it patches different components of a control patched only a few months ago.
