Microsoft has released three critical fixes addressing flaws in Windows, Windows .Net framework and Internet Explorer, some of which are being actively exploited by hackers in the wild.
The Windows critical patch fixes two flaws in the operating system's kernel that leave customers open to remote code execution attacks.
"The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts," said the Microsoft Security Bulletin Summary for October 2014.
"In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email or instant message."
The flaws are particularly dangerous as researchers at FireEye have uncovered evidence that they are being exploited to launch targeted attacks against "major corporations".
"The FireEye Labs team has identified two new zero-day vulnerabilities as part of limited, targeted attacks against some major corporations. Both zero-days exploit the Windows Kernel," reported FireEye.
The Internet Explorer and .Net critical flaws are listed as potentially just as bad and could theoretically be used by hackers to mount remote execution attacks. There is currently no word on whether they are being actively exploited in the wild.
Microsoft also released five 'important' fixes for various Windows, Office and application bugs.
The most serious of these addresses the infamous Sandworm flaw. Sandworm is known to have targeted numerous high-profile institutions, including Nato, as reported earlier this week by iSight researchers.
The campaign targeted the organisations with spear-phishing messages, and affects all versions of Windows from Windows Vista Service Pack 2 onwards as well as Windows Server versions 2008 and 2012.
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer
Top-of-the-range Threadripper 2990WX now available from Scan, Ebuyer, Overclockers, Novatech and Amazon