Microsoft will finally roll out the first Windows 8.1 update next week on Patch Tuesday, June 10.
The update, which fixes 7 security issues on software such as Internet Explorer, Microsoft Office 2007 and 2010, and versions of Microsoft Lync 2010 and 2013, should be out at 1:00 p.m. EDT.
Update 1.0 will fix two important bugs, identified by Microsoft as Bulletin 1 and Bulletin 2 in their advance notification list.
Bulletin 1 is a critical remote code execution Internet Explorer bug that affects all versions of Internet Explorer, including IE11 in Windows 8.1. All server versions of Windows are also affected, but at a lower level of severity because IE runs in Enhanced Security Configuration by default.
As Server Core versions of Windows Server do not include IE, they are thus not affected by Bulletin 1.
Bulletin 2 affects a broad selection of both Windows and Office products. It is a remote code execution vulnerability, and is rated critical on all versions of Windows, including Server Core. It is also critical on Microsoft Live Meeting 2007 Console and all versions of Microsoft Lync. Lync Server is unaffected by this bug.
Additionally, Bulletin 2 is rated Important for Office 2007 and Office 2010. Only Microsoft Office 2013 appears to be unaffected.
Bulletin 3 affects only Office 2007 and Microsoft Office Compatibility Pack Service Pack 3.
Bulletins 4 and 5 provide information on disclosure bugs in Windows and Lync Server respectively.
Bulletin 6 is a denial of service bug present in all Windows versions, including Vista.
Bulletin 7 is an uncommon “tampering” bug that affects Windows 7, 8.x and Server 2012.
In order to receive the patches, users of Windows 8.1 devices have to first get the Windows 8.1 Update, an interim upgrade that was launched by Microsoft early on in April.
