As Microsoft does on the second Tuesday of every month they release updates named Patch Tuesday. The number of supported operating system versions shrank by one as Vista support ended back in April 2017. The same is true for the Windows 10 RTM version which is also no longer supported. Microsoft included a Windows XP patch in its June Patch Tuesday releases for a zero-day exploit in Internet Explorer 8. This was unexpected but Microsoft said it was necessary due to an “Elevated Risk.”
Windows XP was initially scheduled to enter End of Life (EOL) status in 2008, seven years after its launch, and while April 2008’s Service Pack 3 was the last official update bundle its popularity led to several stays of execution through to 2014 Microsoft addressed ongoing security issues threatening corporate customers who had not yet made the leap to the operating system’s successors. Windows XP still stands as one of Microsoft bestselling operating systems and the argument remains does Microsoft still need to be patching a 13-year-old operating system. They recently released a patch for the WannaCry security issue as well.
June 2017 Patch Tuesday Microsoft is releasing 97 CVEs, nearly double the number of vulnerabilities patched in May. Across them all these vulnerabilities there are security updates for the following software and services:
- Microsoft Edge Browser
- Microsoft Windows
- Microsoft Office
- Microsoft Scripting Engine
- Windows OLE
- Microsoft GDI and Uninscribed engines
- Adobe Flash Player
- Microsoft SharePoint
- Windows Search
- Internet Explorer
Seven of the vulnerabilities were rated “Critical”, and Microsoft Office had several updates marked as “Important”. There was one update marked as “Moderate” and one marked as “Low” both were updated patches for Microsoft Edge. It was a pretty big patch Tuesday but not the biggest we have even seen we will wait as always to see what next month brings.