Microsoft has released three critical fixes addressing flaws in Windows, Windows .Net framework and Internet Explorer, some of which are being actively exploited by hackers in the wild.
The Windows critical patch fixes two flaws in the operating system's kernel that leave customers open to remote code execution attacks.
"The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts," said the Microsoft Security Bulletin Summary for October 2014.
"In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email or instant message."
The flaws are particularly dangerous as researchers at FireEye have uncovered evidence that they are being exploited to launch targeted attacks against "major corporations".
"The FireEye Labs team has identified two new zero-day vulnerabilities as part of limited, targeted attacks against some major corporations. Both zero-days exploit the Windows Kernel," reported FireEye.
The Internet Explorer and .Net critical flaws are listed as potentially just as bad and could theoretically be used by hackers to mount remote execution attacks. There is currently no word on whether they are being actively exploited in the wild.
Microsoft also released five 'important' fixes for various Windows, Office and application bugs.
The most serious of these addresses the infamous Sandworm flaw. Sandworm is known to have targeted numerous high-profile institutions, including Nato, as reported earlier this week by iSight researchers.
The campaign targeted the organisations with spear-phishing messages, and affects all versions of Windows from Windows Vista Service Pack 2 onwards as well as Windows Server versions 2008 and 2012.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago