It’s Patch Tuesday—the sixth one of 2013. As far as Patch Tuesdays go, June is relatively light—with a mere five security bulletins, and only one rated as Critical—but that’s no reason to let your guard down.

The average number of security bulletins for the first five months of 2013 was nine. A paltry five security bulletins for June is only about half what IT admins have come to expect, so it’s nice to get to take it easy a bit. The one Critical security bulletin is the cumulative update for Internet Explorer, along with four Important security bulletins that still deserve prompt attention.

Lamar Bailey, director of security research for Tripwire, acknowledges that monthly Internet Explorer updates have become the norm. Bailey points out that it’s still a bit unusual for a single IE update to address 19 separate vulnerabilities, and proclaims, “It’s just a matter of time before one of these gets exploited.”

Qualys CTO Wolfgang Kandek agrees. Kandek stresses in a blog post that the flaws in MS13-047 affect all supported versions of Internet Explorer from IE6 to IE10, running on all supported versions of Windows from XP to RT. “Given the large number of vulnerabilities fixed, this will be the main target for attackers to reverse engineer and construct an exploit that can be delivered through a malicious webpage.”

To read this article in full or to leave a comment, please click here