Fat Patch Tuesday Arrives

In the second largest security bulletin since moving to monthly updates, Microsoft issued a total of 12 fixes to address flaws in SharePoint, Microsoft's .NET Framework, Office and Windows Media Player. Of the updates, nine pertain to Windows and eight are deemed "critical," the most severe designation.

If left un-patched, the critical vulnerabilities would enable computer hackers to seize control of a compromised system. An exploit for one of the flaws is already circling, according to sources close to Microsoft.

Microsoft rolled a number of updates into a cumulative fix for Internet Explorer, which was not listed as individual items. The cumulative update carried the highest severity rating and prevents attackers from installing malicious programs; deleting, modifying or viewing local files; or creating super user accounts within Windows.

Additional critical updates were released for MSN Messenger, Media Player, Office XP, and various other Windows components.

Microsoft followed its standard security policy and did not release any specifics prior to Tuesday's patches, but has instituted an early access program for governments and enterprise customers. A team of external beta testers also receives controlled access to prerelease updates for quality control purposes.

More detailed information is available from the Microsoft Security Web site. All Windows users are advised to update their systems via Windows Update.