Patch Tuesday for July 2015

It’s Patch Tuesday again and time for all Windows sysadmins to apply the latest set of fixes from Microsoft.

This month’s delivery includes a total of 14 patches with 4 of them listed as critical.

One of the fixed flaws is flaws is a perfect example of why all system administrators need security on multiple levels.

The critical ones include the usual set of fixes for Internet Explorer, a flaw in the VBScript engine, a Hyper-V vulnerability and (the most worrying of them all) a Remote Desktop vulnerability that could allow for remote code execution.

We’ve seen a lot of network environments where Remote Desktop is available from anywhere with the assumption that the built-in login security is enough. Here at FrameFlow we augment this with IP specific rules that tightly control who can login from where. If you’ve configured public facing remote desktop connections then we recommend that you too implement IP restrictions and other policies for maximum security.

The official label for the Remote Desktop flaw is MS15-067. See the full description for a list of affected Windows versions and more technical details.

For more details about all the fixes included in this Patch Tuesday see Microsoft’s official bulletin.