Microsoft has released patches for three security holes in its Windows operating system, with two of them described as “critical” by Microsoft.
All three flaws affect versions of Windows, from NT4 and Windows 98 to Windows XP, including machines with Windows XP Service Pack 2.
The first critical flaw is connected to the HTML Help ActiveX feature in the HTML Help Control part of Windows and could allow a hacker to take complete control of a user’s machine.
The second critical hole is connected to the way Windows handles icons and cursors, and allows hackers to take advantage of an exploit by allowing them to create a malicious web page using the machine.
The third flaw is described by Microsoft as “important” and relates to an indexing component in Windows. The fault is not described as critical, even though it allows a hacker to take complete control of a system, because the feature used by the exploit is turned off in Windows by default.
All the patches are available for download at: http://www.microsoft.com/security/.