Microsoft delivers four patches for July

Microsoft has patched five security flaws this month

Microsoft has delivered the July edition of its monthly security update with four security bulletins addressing five vulnerabilities.

Four of the fixes have been listed as 'critical', while the fifth is considered 'important'. If exploited, all of the flaws could be used to perform remote code execution attacks.

Among the highest priorities is a patch for the Help Center vulnerability in Windows disclosed in early June. The discovery of the flaw and its handling by Microsoft triggered heated debate within the security community.

Also patched is a remote code execution flaw in Outlook. The vulnerability is not considered critical because an attack requires tricking the user into launching a file attachment rather than embedding attack code on a web page, but Microsoft classifies the update as a top deployment priority owing to the scope of a possible attack.

The two remaining bulletins address remote code execution and denial-of-service issues in the Canonical Display Driver component, and a remote code execution flaw for Access. The company recommends IT managers treat the Access bulletin as a top priority for systems running the database tool.

The update also marked the end of support for two older products. Microsoft said that support for Windows 2000 or Windows XP SP2 systems will end on 13 July. Users are being advised to update XP systems to the SP3 release.