Microsoft Patch Tuesday June 10 2014
Seven security bulletins are expected to be released on Tuesday, June 10, 2014. Here is the breakdown for this month:
Security Bulletins:
- 2 bulletins are rated as Critical.
- 5 bulletins are rated as Important.
Vulnerability Impact:
- 3 bulletins address vulnerabilities that could allow Remote Code Execution.
- 2 bulletins address vulnerabilities that could allow Information Disclosure.
- 1 bulletin addresses a vulnerability that could lead to Denial of Service.
- 1 bulletin addresses a vulnerability that could lead to Tampering.
Affected Products:
- All supported Windows operating systems
- All supported Internet Explorer versions
- Office 2007 and 2010
- Live Meeting 2007
- Lync 2010 and 2013
One of the bulletins, number seven, addresses a security hole of a type you don't see announced very often in Microsoft bulletins: Tampering.
You're probably used to seeing vulnerability tags like RCE (remote code execution), EoP (elevation of privilege, where a regular user can gain unauthorized administrative or system powers), DoS (denial of service, where an outsider can crash software that you rely on), and Information Disclosure (where data that should stay private can be read without authorization). So what is "Tampering"?
Tampering explained by Sophos Naked Security
"Tampering is another sort of security hole that may help crooks, either by allowing them to initiate their attack more easily, or by making things worse for you once they have broken in.
Very loosely, tampering means that you can make a security-related change that should raise an alarm, but doesn't.
For example, you might be able to add malware to someone else's digitally signed software and have the system still accept it as trusted.
You might be able to make your own digital certificate, for example for a fake web page, but pass it off as someone else's.
Or you might be able to tamper with a protected configuration file, thus altering the settings and behavior of software such as a web server, without being noticed.
One well-known example of a tampering exploit is last year's MasterKey malware for Android, which bypassed Google's Android Package (APK) cryptographic verifier, making the malware look legitimate.
This didn't just allow the malware to get the blessing of Google's compulsory install-time security check, but also allowed the crooks to put the blame on an innocent vendor, whose digitally signed package they started with.
Another famous tampering exploit is the announcement by security researchers in 2008 that they had succeeded in creating a fake Certification Authority web certificate by finding a collision in the MD5 hashing algorithm.
Their home-made certificate appeared to have been signed by one of the top-level "root authorities" that almost every browser trusts by default, and would have allowed them to sign apparently-trusted certificates for any website they liked.
→ Don't use MD5 in any new project. We knew it was cryptographically flawed before 2008, but the above-mentioned certificate crack made it quite clear that it was dangerously unsafe in real life, not just in the lab.
We can't yet say exactly what form this latest Windows tampering vulnerability takes, but it affects Windows 7; 8 and 8.1; Server 2008 R2 (not Itanium, and not Server Core); and all supported flavors of Server 2012, including Server Core.
Watch this space: we'll tell you more after we've spoken officially to Microsoft on Patch Tuesday itself."
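The quoted article's first two examples of tampering (malware added to a signed package that the system still trusts, and the MasterKey case where the package verifier and the installer disagreed about which of two same-named ZIP entries is "the" file) are easy to reproduce in miniature. The following is an added, constructed example and is not code from Sophos, Microsoft or Google: it models a tiny signed package format of its own design, uses an HMAC with a demo key as a stand-in for the publisher's real signature, and models the installer as "first same-named entry wins" while the flawed verifier looks entries up by name (which in CPython's zipfile returns the last one). A hardened verifier that refuses duplicate names and hashes every entry by its ZipInfo rather than by name catches the tampered package.

```python
"""MasterKey-style tampering in miniature: the verifier and the installer read
different copies of a duplicated ZIP entry, so a modified package still passes.

Added, constructed example. The package layout, the manifest format and the
HMAC "signature" (PUBLISHER_KEY) are assumptions made for the demonstration.
"""
import hashlib
import hmac
import io
import warnings
import zipfile

MANIFEST = "META-INF/MANIFEST.MF"
SIGNATURE = "META-INF/CERT.SIG"
PUBLISHER_KEY = b"demo-publisher-key"  # assumption: stand-in for the publisher's signing key


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_package(files: dict) -> bytes:
    """Publisher side: pin each file's SHA-256 in a manifest, then sign the manifest."""
    manifest = "".join(f"{n} {sha256(d)}\n" for n, d in files.items()).encode()
    sig = hmac.new(PUBLISHER_KEY, manifest, hashlib.sha256).hexdigest().encode()
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
        zf.writestr(MANIFEST, manifest)
        zf.writestr(SIGNATURE, sig)
    return buf.getvalue()


def signed_manifest(zf: zipfile.ZipFile):
    """Return {name: digest} from the manifest if its signature is valid, else None."""
    raw = zf.read(MANIFEST)
    expected = hmac.new(PUBLISHER_KEY, raw, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(zf.read(SIGNATURE), expected):
        return None
    return dict(line.split(" ", 1) for line in raw.decode().splitlines() if line)


def verify_weak(pkg: bytes) -> bool:
    """Flawed verifier: looks entries up by NAME, so with duplicate names it hashes
    whichever copy the ZIP library hands back (the last one in CPython's zipfile)."""
    with zipfile.ZipFile(io.BytesIO(pkg)) as zf:
        manifest = signed_manifest(zf)
        if manifest is None:
            return False
        return all(sha256(zf.read(name)) == digest for name, digest in manifest.items())


def verify_strict(pkg: bytes) -> bool:
    """Hardened verifier: reject duplicate names, reject entries the signed manifest
    does not list, and hash each entry via its ZipInfo rather than its name."""
    with zipfile.ZipFile(io.BytesIO(pkg)) as zf:
        infos = zf.infolist()
        names = [i.filename for i in infos]
        if len(set(names)) != len(names):
            return False
        manifest = signed_manifest(zf)
        if manifest is None:
            return False
        for info in infos:
            if info.filename in (MANIFEST, SIGNATURE):
                continue
            if manifest.get(info.filename) != sha256(zf.read(info)):
                return False
        return True


def install(pkg: bytes) -> dict:
    """Modelled installer: walks entries in archive order, FIRST same-named copy wins."""
    files = {}
    with zipfile.ZipFile(io.BytesIO(pkg)) as zf:
        for info in zf.infolist():
            files.setdefault(info.filename, zf.read(info))
    return files


def tamper(pkg: bytes, name: str, payload: bytes) -> bytes:
    """Attacker side: put a malicious same-named entry first and keep every original
    entry, including the untouched signed manifest, behind it."""
    buf = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(pkg)) as src, zipfile.ZipFile(buf, "w") as dst:
        dst.writestr(name, payload)
        with warnings.catch_warnings():
            warnings.simplefilter("ignore")  # zipfile warns about the duplicate name
            for info in src.infolist():
                dst.writestr(info, src.read(info))
    return buf.getvalue()


# Constructed sample package and its tampered twin.
ORIGINAL = build_package({"classes.dex": b"benign code", "res/strings.xml": b"<resources/>"})
TAMPERED = tamper(ORIGINAL, "classes.dex", b"malicious code")


def demo() -> dict:
    """What each verifier says versus what the installer would actually run."""
    return {
        "weak_accepts_original": verify_weak(ORIGINAL),
        "weak_accepts_tampered": verify_weak(TAMPERED),
        "strict_accepts_original": verify_strict(ORIGINAL),
        "strict_accepts_tampered": verify_strict(TAMPERED),
        "installed_from_tampered": install(TAMPERED)["classes.dex"],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The signed manifest is never altered, so the signature check passes on both packages; the tampering lives entirely in the gap between how the verifier and the installer resolve a duplicated name. That is why the strict verifier treats "same name twice" as a hard failure rather than something to resolve, and why it refuses any entry the manifest does not cover.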
Bottom Line: First thing Wednesday morning, please restart all of your Windows servers and computers so that the updates finish installing.
Exceptions: Windows XP (no longer receives security updates as of April 2014), Apple, Linux