Update: Eugene Kaspersky (@e_kaspersky) just blogged about an advanced malware that attacked his company (and a number of others) using a Windows Kernel vulnerability CVE-2015-2360, which Microsoft addressed this month in MS15-061. He calls the malware Duqu 2.0 and affirms that it is backed by a nation state, due to characteristics of the malware’s code. The code bears resemblance to Duqu and incorporates several new features that show that it has received development efforts since the initial version in 2011. There is more information forthcoming – we will update this blog post when that happens. In the meantime make sure you apply MS15-061 to all of your Windows machines.
Original: Patch Tuesday June 2015 – halfway through the year and this month we have eight bulletins bringing the total count for the year to 63. Four of the bulletins address Remote Code Execution (RCE) vulnerabilities, and one covers a publicly disclosed kernel vulnerability that has not seen any exploits yet. Weirdly enough there is a "hole" in Microsoft’s lineup and one bulletin, MS15-058, is apparently not ready to be released yet.