Microsoft’s July Patch Tuesday security event is next week and it is set to deliver at least nine patches. Of those patches three are rated as being critical, while six get the important label.
At the top of the critical list is Bulletin 1, which researchers suspect could be an XML vulnerability that is currently being exploited in the wild. eSecurityPlanet has independently confirmed that one of the bulletins Microsoft expects to release on Tuesday is in fact the XML security issue. The flaw is related to the MSXML issue that Microsoft first disclosed Security Advisory 2719615 back in June.
That flaw is a remote code execution vulnerability in Microsoft XML Core services and could potentially enable an attacker to execute arbitrary code. As part of the June Patch Tuesday update, Microsoft issued a ‘fixit’ tool, however a formal patch was not made available.
Over the course of the last month, the vulnerability has been used in attacks.
“We have seen it actively exploited in the wild,” Chester Wisniewski, senior security researcher at Sophos told eSecurityPlanet. “Not in a widespread fashion, but it is certainly available for budding hackers to exploit.”