Patch For Vulnerabilities in Windows, Office, IE and IIS
Microsoft released June 2010 Security Bulletin Releases of which 3 patch packages carry a rating of Critical, patching vulnerabilities that, in the eventuality of a successful exploit, would permit attackers to perform remote code execution on an affected system. The remaining seven security bulletins are considered only Important by the Redmond company.
Customers should prioritize the deployment of three security bulletins in particular,
1. MS10-033 is Critical on all supported versions of Windows. Affected components include Windows Media Encode 9 (not supported on Windows 7), Asycfilt.dll (COM component), Windows Media Format Runtime 9.0 and 9.5, and Quartz.dll. Attack vectors include maliciously crafted web pages and files.
 2.  MS10-034 is an ActiveX kill bit update that includes Kill Bits for two Microsoft controls and four third party controls.
 3.  MS10-035 is a cumulative update for Internet Explorer. There are 6 vulnerabilities being addressed in this update including the issue first discussed in Security Advisory 980088.
Customers running Windows 7 will need to deploy no less than seven security bulletins impacting the operating system. Three of the bulletins for Windows 7 are rated Critical, including the one that is designed to resolve issues in Internet Explorer 8, with the rest being Important.
June 2010 security bulletins provided by Microsoft
- MS10-032 addresses three vulnerabilities in Windows, has a maximum severity rating of Important and an Exploitability Index rating of 1.
- MS10-033 addresses two vulnerabilities in Windows, has a maximum severity rating of Critical and an Exploitability Index rating of 1.
- MS10-034 addresses two vulnerabilities in Windows, has a maximum severity rating of Critical and an Exploitability Index rating of NA.
- MS10-035 addresses six vulnerabilities in Internet Explorer, has a maximum severity rating of Critical and an Exploitability Index rating of 1.
- MS10-036 addresses one vulnerability in Office, has a maximum severity rating of Important and an Exploitability Index rating of 1.
- MS10-037 addresses one vulnerability in Windows, has a maximum severity rating of Important and an Exploitability Index rating of 2.
- MS10-038 addresses fourteen vulnerabilities in Office, has a maximum severity rating of Important and an Exploitability Index rating of 1.
- MS10-039 addresses three vulnerabilities in Windows and Office, has a maximum severity rating of Important and an Exploitability Index rating of 1.
- MS10-040 addresses one vulnerability in Windows, has a maximum severity rating of Important and an Exploitability Index rating of 2.
- MS10-041 addresses one vulnerability in Windows, has a maximum severity rating of important and an Exploitability Index rating of 3.
- Security Advisory 973811 was revised to provide updates to implement channel binding for various platforms at regular intervals.