June 2009 Advance Notification

Advance Notification for the June 2009 Security Bulletin Release

Today, we published our Advance Notification indicating that next Tuesday, June 9 at 10:00 a.m. PDT (UTC -8), we will be releasing a total of 10 security bulletins consisting of:

·         Six updates affecting Windows. Two Critical, three Important, and one Moderate.

·         One Critical update affecting Internet Explorer.

·         One Critical update affecting Word.

·         One Critical update affecting Excel.

·         One Critical update affecting Office.

You may have noticed that we are not announcing an update for the DirectShow vulnerability addressed in Security Advisory 971778. Our security teams are working hard on a security update that addresses this issue to protect customers, but we do not yet have an update that has reached the appropriate level of quality for broad distribution. We continue to monitor the situation closely and suggest customers follow the guidance provided in the advisory. This includes the “Fix It For Me” solution in the associated Knowledge Base article, which provides a quick and easy workaround to protect customers from possible attacks. If this doesn’t work in your environment, please reference the KB article for several other possible workarounds.

In addition to the new bulletins, we will also release updates for the remaining affected products in security bulletin MS09-017. In May, we released this bulletin with updates for the Windows platform due to active attacks and available updates for the entire platform to protect customers immediately. Updates for affected versions of Office for Mac and Microsoft Works had not yet reached the quality bar for release but will be ready to go on Tuesday. For more information on this decision, please reference last month’s MSRC and SRD blogs.

On release day, look for additional information on both this blog and the Security Research and Defense blog.  If you have questions or would like more information about this month’s release, please plan to attend our regularly scheduled security bulletin webcast on Wednesday, June 10, 2009, at 11:00 a.m. PDT (UTC –7). Click HERE to register.  

As always, this preliminary information is subject to change.


Jerry Bryant

*This posting is provided “AS IS” with no warranties, and confers no rights*