Microsoft patches critical Windows flaws

Three 'critical' patches for Windows and Internet Explorer

Microsoft has today released 10 patches, three of them rated 'critical', for its Windows operating systems and other applications.

The three critical patches are for Windows and Internet Explorer. All three would allow remote hackers to gain control of PCs, either through flaws in Internet Explorer, a new vulnerability in HTML Help or using a hole in Microsoft's Server Message Block.

"Companies should ensure that they are protected from these vulnerabilities without delay," said Firas Raouf, chief operating officer at eEye Digital Security, who reported the HTML flaw 90 days ago.

He warned that the time for hackers to deconstruct the patches and develop malicious code to exploit the flaws was shrinking rapidly.

All the patches can be downloaded from the Microsoft website. Three older patches have also been reissued: MS05-019, MS02-035 and MS05-004. 

The other patches affect Windows, Exchange, services for the Unix operating system, Microsoft's training software and ISA server, and are rated 'important' or 'moderate'.