Microsoft posts critical fixes for Windows and Internet Explorer

Microsoft has issued six bulletins to address a total of 19 vulnerabilities in the November edition of its monthly security updates.

The company said that the Patch Tuesday release would include four bulletins for flaws which have been rated as critical and are considered top deployment priorities.

Among the four critical fixes were patches for the Windows Shell and Windows Kernel which, if exploited, could allow an attacker to perform remote code execution attacks on a targeted system without user authorisation or notification.

Additionally, the update includes a fix for remote code execution flaws in Internet Explorer and the .NET Framework.

The remote code execution flaws are considered particularly dangerous as cybercriminals often target them to perform malware installations.

While administrators will want to test the update for possible compatibility or stability issues, end users are being advised by the company to enable the Windows Automatic Updates to keep their systems up to date.

"We are committed to improving the security of all our products," said Microsoft trustworthy computing director Dave Forstrom.

"When security updates are released, customers who have Automatic Updates enabled will be protected automatically and do not need take an action."

Other updates released include bulletins to address a vulnerability in Excel on both Windows and OS X systems which has been rated as 'important' and an information disclosure flaw in Windows which the company considers a 'moderate' level threat.