Microsoft moved to patch six critical issues in its July update for all versions of Windows.
As noted in Microsoft's security bulletin, there were also vulnerabilities in Visual Studio, Office and Lync to name a few. Microsoft so far has had 22 critical vulnerabilities so far in 2013.
The critical flaws all involve remote code execution vulnerabilities. MS13-054 appears to be the vulnerability that hits the most enterprise software tools. Microsoft said:
This security update resolves a privately reported vulnerability in Microsoft Windows, Microsoft Office, Microsoft Lync, and Microsoft Visual Studio. The vulnerability could allow remote code execution if a user views shared content that embeds TrueType font files.
This security update is rated Critical for all supported releases of Microsoft Windows and affected editions of Microsoft Lync 2010 and Microsoft Lync 2013. The security update is rated Important for affected releases of Microsoft Office and supported editions of Microsoft Visual Studio .NET 2003.
Another "important" patch is for Windows Defender. That vulnerability allows an elevation of privilege. What's notable is that Microsoft is patching its antivirus software.
In line with Microsoft's patch Tuesday Adobe also updated its Flash Player (again). The Flash updates are designed to prevent an attacker taking control of a system.