As part of its routine, monthly security-update release cycle, Microsoft yesterday delivered six new security updates that fix 15 vulnerabilities in various products. The most serious vulnerability could allow remote code execution on an unpatched PC running Windows Server 2008, Windows Server 2003, WIndows XP, or Windows 2000. None of this month's patches apply to Windows 7.
Aside from Windows, Microsoft also patched holes in Office XP and Office 2003, as well as Mac Office 2008 and Mac Office 2004. One update was deemed "critical," but the rest are marked as "important" updates. That critical update, however, is a big one: The vulnerability it fixes can be triggered simply by visiting a malicious website with Internet Explorer (IE).
As always, Microsoft recommends that users stay up to date with Automatic Updates and Windows Update. You can find out more about this month's security updates on the Microsoft website.