Two of the four critical vulnerabilities are for Windows operating systems, one affects the Office. The most severely addressed vulnerability in the Office bulletin could allow Remote Code Execution if a user opens a specially crafted Microsoft office file.
“An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user,” Microsoft wrote. “Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.”
The final critical update is for the Edge web browser in Windows 10, The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-056 updated Internet Explorer and fixed 24 vulnerabilities by “preventing browser histories from being accessed by a malicious site,” as well as “adding additional permission validations to Internet Explorer [and] modifying how Internet Explorer handles objects in memory,” the release said, noting that “customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-057 plugged a hole in Windows with which attackers could seize control remotely of a system if Windows Media Player “opens specially crafted media content that is hosted on a malicious website.”
These patches should be installed on all systems and are available from Windows Update. Inaddition to these Microsoft has released six non-critical updates.
Microsoft revealed this morning that Windows 10 will be released to customers on July 29, 2015 as part of a free upgrade offer and with new PCs. This date is when the free upgrade promotion for one year begins.
Starting today users of eligible systems will start seeing an Icon in the taskbar of Windows 7 and * workstations.
We DO NOT recommend anyone who uses their PC for business applications sign up for this program. It is imperative that your business critical applications be tested prior to migrating to Windows 10. If you do reserve your copy now your system will automatically download a 3GB setup at some point prior to July 29.
Surface Pen Settings driver update (v220.127.116.11) enables new functionality and features for the Surface app found in the Windows Store. You can install this update from Windows updates on your Surface.
Microsoft has announced that they are extending the period in which it retains deleted emails in Office 365. Currently if you moved an email to the Deleted folder, it will permanently after 30 days. This has now been extended to indefinitely by default and can be set by the Office 365 Administrator. Office 365 Administrators can also create custom retention policies for email if they want the information to truly delete.
Many companies and users are still on Office 2010 with no immediate plans to go to Office 2013. This means they are missing out on the improvements made to OneNote 2013. Until recently the free download version of OneNote 2013 was missing several key features. This has been resolved and we are not suggesting users of Office 2010 migrate to OneNote 2013 which can be donwloaded below. Some of the unlocked features include:
- Password protected sections—Add a password to protect sensitive information.
- Page history—Easily see or go back to prior versions of a page.
- Audio and video recording—Take notes while recording, and easily jump to the relevant section later.
- Audio search—Search for a word in a voice or video recording.
- Embedded files—Insert Office documents or other files directly in your notebook.
Source: OneNote Download