Microsoft has issued 12 patches to address 21 security flaws in its software, with eight of the patches deemed “critical” by the company.
The patches, part of Microsoft’s monthly scheduled patching cycle, address problems in the Windows operating system, the Office productivity suite and Windows Media Player. Most of the flaws potentially allow remote attackers to access users’ systems.
Four of the critical updates tackle security holes that can open up systems in all versions of Windows.
One is a cumulative update for the Internet Explorer browser, and another deals with a problem with Windows Media Player, versions 7.1, 9 and 10.
Another patch covers vulnerabilities in Microsoft Jscript, and a problem is also addressed in ART image rendering.
There is also a critical Windows patch that tackles bugs in the operating system’s graphics rendering engine, but this problem only affects the ageing Windows 98, Windows 98 Second Edition (SE) and Windows Millennium Edition (ME) platforms.
Two critical updates are also aimed the Office suite. There is a fix for a vulnerability in Word, which affects Microsoft Works, and there is a patch for a flaw in PowerPoint too.
Among the other fixes, there is one for an “important” flaw in Windows' Server Message Block (SMB) component, which could enable attackers to elevate their level of system privileges.