Users had been expecting a patch earlier, since one of the vulnerabilities was reported to the company in June.
The 'important' patch fixes a flaw in the Windows kernel that could allow any code executed on a Windows NT 4.0 or Windows 2000 system to elevate itself to the highest possible local privilege level.
This means that, once the flaw is exploited, the attacker could obtain full admin rights to the PC, even if the user does not have such rights.
Microsoft also announced a change to the way it emails customers designed to thwart attempts by virus writers to send emails masquerading as security updates.
"Starting in 2006, Microsoft will begin signing all security communications sent in email using industry standard Secure Multipurpose Internet Mail Extensions [S/MIME]," the company said in a statement.
"This change will allow for easier customer verification that email coming from Microsoft regarding security is actually coming from Microsoft.
"S/MIME is supported by default on Outlook Express, Microsoft Outlook, and many third-party email programs."
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally
Insecticides based on sulfoxaflor might be as bad for bees as neonicotinoids