Microsoft has published two security updates for its Windows operating system, both of which carry the software giant's most severe rating of 'critical'.
The first patch targets a vulnerability in the way that Windows handles embedded web fonts. Attackers could use the hole to take control of an affected system.
Embedded web fonts allow documents to come bundled with the appropriate fonts to ensure that they are properly displayed. The technology has been built into Internet Explorer since version 4.
The second fix plugs a security hole in several versions of Outlook and Exchange Server, which again could allow an attacker to take control of a system.
The vulnerability concerns the way that the messaging applications decode the Transport Neutral Encapsulation Format Mime attachment, Microsoft said in a security advisory.
An attacker could exploit the flaw by crafting a special email attachment spread via a spammed message. The user still has to preview or open the message to become infected.
The patches are Microsoft's second security release for this month, after the vendor was forced to rush out a patch for a widely exploited security flaw in the WMF graphics format last week.
Microsoft typically issues its security updates on the second Tuesday of the month, a cycle that has become known as 'patch Tuesday'.
Comcast's £29.7bn winning bid more than twice the £13.7bn Rupert Murdoch valued Sky at just eight years ago
A nuclear strike has been considered, but Bruce Willis is nowhere in sight
Spray-on antenna could enable seamless integration of antennas with everyday objects
Parker Solar Probe, TESS and GOLD missions will deliver exciting data, claims NASA